imgbly.com Open in urlscan Pro
2606:4700:3035::6815:2e59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://imgbly.com/
Effective URL:
https://imgbly.com/
Submission: On February 09 via api (February 9th 2024, 1:43:50 pm UTC) from US — Scanned from DE

Summary HTTP 224 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 39 IPs in 7 countries across 24 domains to perform 224 HTTP transactions. The main IP is 2606:4700:3035::6815:2e59, located in United States and belongs to CLOUDFLARENET, US. The main domain is imgbly.com.
TLS certificate: Issued by GTS CA 1P5 on December 23rd 2023. Valid for: 3 months.

This is the only time imgbly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:8905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2606:4700:303... 2606:4700:3035::6815:2e59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
43	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
4	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::ac43:c32b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.32.184.180 23.32.184.180	16625 (AKAMAI-AS) (AKAMAI-AS)
12 16	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
5 13	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 13	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
6	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1 3	2a02:26f0:480... 2a02:26f0:480:22::1726:62d4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	138.201.84.244 138.201.84.244	24940 (HETZNER-AS) (HETZNER-AS)
1 2	54.194.91.232 54.194.91.232	16509 (AMAZON-02) (AMAZON-02)
1 4	178.63.52.121 178.63.52.121	24940 (HETZNER-AS) (HETZNER-AS)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2600:9000:230... 2600:9000:2304:f400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	3.8.30.143 3.8.30.143	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
2	23.199.221.167 23.199.221.167	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2600:1f13:800... 2600:1f13:800:7781:2b49:c39c:c642:eb	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	52.56.219.216 52.56.219.216	16509 (AMAZON-02) (AMAZON-02)
224	39

1 2606:4700:3035::ac43:8905 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

imgbly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:3035::6815:2e59 (United States)

ASN13335 (CLOUDFLARENET, US)

imgbly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

sandbox.elemisthemes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:7aaf (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:c32b (United States)

ASN13335 (CLOUDFLARENET, US)

filesharer.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.16.194 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.18.36.155 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.89.210.122 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:22::1726:62d4 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.244 (Papenburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.91.232 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-91-232.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.63.52.121 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de

hal900020.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2304:f400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.8.30.143 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-8-30-143.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.199.221.167 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-221-167.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7781:2b49:c39c:c642:eb (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.56.219.216 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-219-216.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	1 MB
44	doubleclick.net 13 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 80 cm.g.doubleclick.net — Cisco Umbrella Rank: 258 ad.doubleclick.net — Cisco Umbrella Rank: 157 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 566 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 187493	252 KB
30	imgbly.com 1 redirects imgbly.com	2 MB
23	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 321	449 KB
14	adnxs.com 6 redirects cdn.adnxs.com — Cisco Umbrella Rank: 1756 ib.adnxs.com — Cisco Umbrella Rank: 252 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6972	41 KB
13	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 627	9 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 829 static.adsafeprotected.com — Cisco Umbrella Rank: 625 dt.adsafeprotected.com — Cisco Umbrella Rank: 630	175 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37466 hal900020.redintelligence.net — Cisco Umbrella Rank: 234885	42 KB
8	unpkg.com 4 redirects unpkg.com — Cisco Umbrella Rank: 773	3 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	259 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2720 adservice.google.com — Cisco Umbrella Rank: 97	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	4 KB
4	elemisthemes.com sandbox.elemisthemes.com	199 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 26690 api.webgains.io — Cisco Umbrella Rank: 62843	19 KB
3	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 60	15 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	245 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 16791	1 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61820	3 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 53021	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 144946	923 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 729	570 B
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4163	38 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6562	408 B
1	filesharer.cc filesharer.cc
224	24

	Domain	Requested by
43	pagead2.googlesyndication.com	imgbly.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
30	imgbly.com	1 redirects imgbly.com
27	tpc.googlesyndication.com	imgbly.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
23	s0.2mdn.net	imgbly.com s0.2mdn.net googleads.g.doubleclick.net
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net imgbly.com
16	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net
13	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
10	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	unpkg.com	4 redirects imgbly.com
6	dt.adsafeprotected.com	imgbly.com
6	ad.doubleclick.net	imgbly.com googleads.g.doubleclick.net 8019191.fls.doubleclick.net
4	hal900020.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900020.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900020.redintelligence.net
4	www.gstatic.com	www.google.com imgbly.com googleads.g.doubleclick.net
4	fonts.googleapis.com	imgbly.com googleads.g.doubleclick.net hal900020.redintelligence.net
4	sandbox.elemisthemes.com	imgbly.com
3	static.adsafeprotected.com	fw.adsafeprotected.com imgbly.com googleads.g.doubleclick.net
3	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
3	www.bing.com	1 redirects googleads.g.doubleclick.net
3	www.googletagmanager.com	imgbly.com adv.office-partner.de www.googletagmanager.com
3	www.google.com	1 redirects imgbly.com tpc.googlesyndication.com
2	api.webgains.io	analytics.webgains.io
2	www.awin1.com	googleads.g.doubleclick.net
2	8019191.fls.doubleclick.net	1 redirects imgbly.com
2	googleads4.g.doubleclick.net	imgbly.com
2	fw.adsafeprotected.com	1 redirects imgbly.com
1	adservice.google.com	8019191.fls.doubleclick.net
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	imgbly.com
1	adv.office-partner.de	hal900020.redintelligence.net
1	tags.bluekai.com	googleads.g.doubleclick.net
1	cdn.adnxs.com	googleads.g.doubleclick.net
1	adsdk.microsoft.com	googleads.g.doubleclick.net
1	www.google.de	imgbly.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	filesharer.cc	imgbly.com
224	39

This site contains links to these domains. Also see Links.

Domain
filesharer.cc
urlty.co
twitter.com
www.facebook.com
www.youtube.com
www.instagram.com
apple.com
play.google.com

Subject Issuer	Validity	Valid
imgbly.com GTS CA 1P5	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
elemisthemes.com GTS CA 1P5	`2024-02-06` - `2024-05-06`	3 months	crt.sh
filesharer.cc GTS CA 1P5	`2023-12-22` - `2024-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure RSA TLS Issuing CA 03	`2024-01-08` - `2024-07-06`	6 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
adv.office-partner.de R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://imgbly.com/
Frame ID: FC8696AAF97EB71C54B58692D5BFA736
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: 26185F6DDDD423E4E33BAE89B15C1E10
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&adk=1812271804&adf=3025194257&lmt=1707486223&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fimgbly.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&aseiel=1~2~4~6~16&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223064&bpp=4&bdt=289&idt=286&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1814987950648&frm=20&pv=2&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=309
Frame ID: 956021C6A7777EEFE64A7F85320C240C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=90&slotname=6165245991&adk=1845920765&adf=908614852&pi=t.ma~as.6165245991&w=728&lmt=1707486223&format=728x90&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223828&bpp=8&bdt=1053&idt=8&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=13
Frame ID: ECA1F4098242B5DEF3AEE871AC1A2174
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=1459714223&adk=101066548&adf=1227626363&pi=t.ma~as.1459714223&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223852&bpp=1&bdt=1077&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=3
Frame ID: 1ED3E4A3890646CD73282F843050BB69
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=90&slotname=4108824645&adk=4077765493&adf=142128293&pi=t.ma~as.4108824645&w=728&lmt=1707486223&format=728x90&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223860&bpp=8&bdt=1085&idt=8&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x280&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=309&ady=638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=10
Frame ID: 80FDBD1D0929C0DC1BFEEBCE1531B0EF
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=3953181476&adk=3359639956&adf=402917734&pi=t.ma~as.3953181476&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223885&bpp=1&bdt=1110&idt=1&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x280%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=3
Frame ID: 52F22E47C1BB3407557B36056BAC8B9E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNVx261htZJM7U1NOjnWHXDExpgX9icYhSyhRPTKITdX6L7UmjlbTbfImRV5ovCq1WSk50ZFahJz85RCe7HspeJ5SXMWrMpQBKlQzx0RaCoKyu_m7RoTGsJuSWW_z8KVNcvS0zVucwzpo6X3ABd3ASTuZLHxT_AI-VFPj09cXlH3HIo7frs
Frame ID: B86E8D52CBA78147889359D38646C775
Requests: 5 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: C4EF97CE2A441F20A2742C2E00C6FB6E
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 52FC388EF484CFE372CEA2A281E555DB
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 513251CE7E9FCFB5580B5C4CF49CF5CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXYbnRS_-ldN2ngcFye6_HBatyEFpuZnioZT3I2ssWkjk4TgrO5t-VVhWoKXQcA9Hb1gE_LW1ZR-WJQ5qFDyXTnL9r5Rub8W3ilO51IcgZp25-JFj469NpeDerF86Pk2cSm-VMZRWXHWu2YgBT9hcvb2qw6CY7yWRAlvgj8Mow95twqDXY
Frame ID: B6EAE5FE31455E34C6D35FAA4B3ED47F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: AD32E74D546C35812C79A618E96FC853
Requests: 19 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 2B1113564E2EA30BFEB96D1EB1C9073D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 716E862B568CE777799FF55BE2780F22
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLu6_oYCMAE&v=APEucNXqy99SooYJtXWlPwOhdKCYYbWDqxADlbN052bNCzrtnIfCldBSsbWyrkY7_0IPb3Wa5uKYfKZ4Zfuhdg_2SgXgcC3sal7FBD1Rvfi1-BFyQMhHl2CzqZCVYcnIFlKphsJi2wniqxitipSLaIqXdEUZDM_xmWNSZXFg2CgNfr7lxRWzinc
Frame ID: 855501D514D503B3511868DA882A7FED
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 73530132D442A0E039B8B746B597075A
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNUMhyWNPZEHU9jMgp2_XRqZ3KRrbYjRNJx-otlC2pedfBH2MphrNamjRet_TeXNME0xM2UppLjaIw3Rpl8uBxpIbO6Q3LD7hQk5pEbCQrham9ePU4Uu4uWgIZ4Mw1QTsv45wWb_bZ4k4VjH1hE5UbrKQYmfdzbwf500vHon3usrPkoKsOs
Frame ID: 3E0E0D858017AFA9CD362AFFF9B27784
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13832977830756705968/index.html?ev=01_250
Frame ID: 2A3D412C29524803C8CD74A7CC2FBB41
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F2CB19920085CA7615FE3A55804A2774
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DD5852F729815BC6CC9CE49F4F324D9A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3160727161327022755/index.html?ev=01_250
Frame ID: D84ABD519554EA43F4F07299BAF0FB85
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B10557182A7BDF5561D31F2B37609CF6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js
Frame ID: 19F686866857A668406C7A410E192B01
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B0A846FE841971BD440C78DEBCB0779E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/index.html?ev=01_250
Frame ID: B3A340E7863214B74B3FFAD7072E5AAC
Requests: 8 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 1A78D5B5FBDE35A20D08539F52274A96
Requests: 3 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIrHxO-xnoQDFflGkQUdfqQKYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9043578845985.758
Frame ID: A517BB8F56A42692B0B79D68DEFCA048
Requests: 3 HTTP requests in this frame

Frame: https://hal900020.redintelligence.net/request_content.php?s=53311400111239004444554012595020&a=1bae5512
Frame ID: 3F21C87A91A68FF93031F4589E30F7F3
Requests: 6 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 1E5D1CE2AE40A02155596C42EC96DC1D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F027A7AD938320973066402B788D9D81
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6315F740342220F54EA58F669A35146D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Imgbly — Free upload and share your images

Page URL History Show full URLs

http://imgbly.com/ HTTP 301
https://imgbly.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

224
Requests

90 %
HTTPS

59 %
IPv6

24
Domains

39
Subdomains

39
IPs

7
Countries

4859 kB
Transfer

9776 kB
Size

28
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://filesharer.cc/
Title: Filesharer

Search URL Search Domain Scan URL

URL: https://urlty.co/
Title: Urlshortner

Search URL Search Domain Scan URL

URL: https://twitter.com/imgbly

Search URL Search Domain Scan URL

URL: https://www.facebook.com/imgbly

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCl31pBbslD76N9nYOxXimnw

Search URL Search Domain Scan URL

URL: https://www.instagram.com/imgbly.co

Search URL Search Domain Scan URL

URL: http://apple.com/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.imgbly.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://imgbly.com/ HTTP 301
https://imgbly.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://unpkg.com/simple-icons@latest/icons/twitter.svg HTTP 302
https://unpkg.com/simple-icons@11.3.0/icons/twitter.svg

Request Chain 25

https://unpkg.com/simple-icons@latest/icons/facebook.svg HTTP 302
https://unpkg.com/simple-icons@11.3.0/icons/facebook.svg

Request Chain 26

https://unpkg.com/simple-icons@latest/icons/youtube.svg HTTP 302
https://unpkg.com/simple-icons@11.3.0/icons/youtube.svg

Request Chain 27

https://unpkg.com/simple-icons@latest/icons/instagram.svg HTTP 302
https://unpkg.com/simple-icons@11.3.0/icons/instagram.svg

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

Request Chain 69

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcYsELmqPS4AAAvXABrfmgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

Request Chain 70

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoGaEZa_oJG2tWaXi_xl8A&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFoGaEZa_oJG2tWaXi_xl8A%26google_cver%3D1

Request Chain 71

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzNzY2NzI1MzkwNDcyNzY4NA%3D%3D

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

Request Chain 113

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcYsELmqPS4AAAvXABrfmgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoGaEZa_oJG2tWaXi_xl8A&google_cver=1

Request Chain 115

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxMTY0NDk2MjM3MzY1NDc4Mg%3D%3D

Request Chain 119

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=eb7834d9-afca-4778-a746-0efa8f94f4b8&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=a9a1b43c-8119-4140-902d-023f855bf11d&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dcafb7a5dbff844f8b35da77a5200f69a%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_zbovyr&aid=6626636861768414434&wp= HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=cafb7a5dbff844f8b35da77a5200f69a&SNR=1&GV=2&med=10

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

Request Chain 124

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcYsELmqPS4AAAvXABrfmgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoGaEZa_oJG2tWaXi_xl8A&google_cver=1

Request Chain 126

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxMTY0NDk2MjM3MzY1NDc4Mg%3D%3D

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

Request Chain 128

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcYsELmqPS4AAAvXABrfmgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoGaEZa_oJG2tWaXi_xl8A&google_cver=1

Request Chain 130

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxMTY0NDk2MjM3MzY1NDc4Mg%3D%3D

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 160

https://hal900020.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bf8d8f1ca6&subid=&uid=79e8988f826c0558&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfxgoDyzGZdvRO6mZxtYP7KSK8Aim5b2gaa2VnKfJD_AuEAEgydGIkgFglcKagqwHyAEJqQLUp6sw8RayPqgDAcgDmwSqBNsBT9B1AtvJgXg9oeqMu4kYh9YkztZrHIbUygU-ES_HXz9xeM2q-SBqu0OBhWUznVISjkr7_0tYhRAiuKnrV6NQhDop7bfPZmzo17bgpqJsSXEdkj-_h31-f6fq18jB-QZkVTUKaY_qSrG5w0BAMy_Ybl-5F5-_suPFwoW_aZ0s6CZiMZ3dQbslaeuX9zMuNWeWb7a14bjlwiEqCmFzMglxwgrz-scuu-llMQ1Cb7b5lIrw_dRYSxOT0Ald9Tzria-YKfa6q8yHMSvG4tOCtJSKnNrAI78OzenfwJX3wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOljv3tfusZ6EA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_krXx3B6MtinebL5DPxO6hO0XHdEMbcv0Ap4udmnTFFVD2FiS16Moytvo-BD2l2JsN1XX2M8I_aRDVRyZ7qvm_jFQ8QYNfnUobhgB%26sig%3DAOD64_2NN4v8qTeB44_3ADzi1XohbEq3Ew%26client%3Dca-pub-3860072030774975%26dbm_c%3DAKAmf-AuU0DLykHxUay6456BznLnAYSzZCw4LhaVn1i4S5DzTjmFRSl-xvgBlTijfHJVyIPp3SJVv1DNloDbl700x3sMvwGtcqHJMXk3Pm-b6ZtJaSNLrFrCVna4dP-sVf-_4qCFnBEjhM_pDeK-z9eeICHGbSNbaQMMEVdf5Nuly5jDrCOXMLU%26cry%3D1%26dbm_d%3DAKAmf-DH2WuclJeVyjrBkUzDqknll3ocUaRY8MsgCiubhKD1y5WsRnB95qHjrPYOcRMx6H4bq3r2QAxYCe3VeEIP5iXnfTN815C7XL_Zxc7x61b2VU0FmjR9g_vKMwNk6ejNOEb2oqDh0jrj-ctcxdpWwixewY1a6ljzmB3I-dJmoyq9pU8D8hV0Y8Ae4fir20fA15Ssb3_CbQH0AkW4ORCGdfBPJQGH8w5OqN-uVis_7r8h9MXiHaUV5bMJrGDSojjcz3Q0EQrvXgQYKiOMv4lA0FhJ1-8SG265wjNgZgTj_CZzuIguBYOSMJ6fXuncUINAvZtMZw4C7kmze7t6JpgCYAdUTB4-1w2XzviR3rCMQz7T0mLYpH5OZvK8BRZFzenyZR8TU5yh8d4taYw6tdauhYW0MrZcrDKTbRy3sBdXD8PpFCNV4ctmeZ27ZxAAPdinZjpTH4oHRG-8KhhoUsj8eN5fModeq3Jw60_UB2NstJLOnmApQp_oGzvjk2nQTTWUjC7RQz-B6rGMO_xgEviBP5kijf5GJI8FrJM6_9XvI-WnDEzPntQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3860072030774975%26output%3Dhtml%26h%3D280%26slotname%3D3953181476%26adk%3D3359639956%26adf%3D402917734%26pi%3Dt.ma~as.3953181476%26w%3D300%26lmt%3D1707486223%26format%3D300x280%26url%3Dhttps%253A%252F%252Fimgbly.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707486223885%26bpp%3D1%26bdt%3D1110%26idt%3D1%26shv%3Dr20240207%26mjsv%3Dm202402010101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%252C300x280%252C728x90%26nras%3D1%26correlator%3D1814987950648%26frm%3D20%26pv%3D1%26ga_vid%3D162039224.1707486223%26ga_sid%3D1707486223%26ga_hid%3D1194607033%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808398%252C31080780%252C31080820%252C31080886%252C44809005%252C95322745%252C31080932%252C95321957%252C95320868%252C95324154%252C95324160%252C95324262%26oid%3D2%26pvsid%3D524308427401298%26tmod%3D1728592833%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpenEr%257C%26abl%3DCS%26pfx%3D0%26fu%3D32768%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26fsb%3D1%26dtd%3D3&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fimgbly.com&random=7706648258747&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal900020.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bf8d8f1ca6&subid=&uid=79e8988f826c0558&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfxgoDyzGZdvRO6mZxtYP7KSK8Aim5b2gaa2VnKfJD_AuEAEgydGIkgFglcKagqwHyAEJqQLUp6sw8RayPqgDAcgDmwSqBNsBT9B1AtvJgXg9oeqMu4kYh9YkztZrHIbUygU-ES_HXz9xeM2q-SBqu0OBhWUznVISjkr7_0tYhRAiuKnrV6NQhDop7bfPZmzo17bgpqJsSXEdkj-_h31-f6fq18jB-QZkVTUKaY_qSrG5w0BAMy_Ybl-5F5-_suPFwoW_aZ0s6CZiMZ3dQbslaeuX9zMuNWeWb7a14bjlwiEqCmFzMglxwgrz-scuu-llMQ1Cb7b5lIrw_dRYSxOT0Ald9Tzria-YKfa6q8yHMSvG4tOCtJSKnNrAI78OzenfwJX3wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOljv3tfusZ6EA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_krXx3B6MtinebL5DPxO6hO0XHdEMbcv0Ap4udmnTFFVD2FiS16Moytvo-BD2l2JsN1XX2M8I_aRDVRyZ7qvm_jFQ8QYNfnUobhgB%26sig%3DAOD64_2NN4v8qTeB44_3ADzi1XohbEq3Ew%26client%3Dca-pub-3860072030774975%26dbm_c%3DAKAmf-AuU0DLykHxUay6456BznLnAYSzZCw4LhaVn1i4S5DzTjmFRSl-xvgBlTijfHJVyIPp3SJVv1DNloDbl700x3sMvwGtcqHJMXk3Pm-b6ZtJaSNLrFrCVna4dP-sVf-_4qCFnBEjhM_pDeK-z9eeICHGbSNbaQMMEVdf5Nuly5jDrCOXMLU%26cry%3D1%26dbm_d%3DAKAmf-DH2WuclJeVyjrBkUzDqknll3ocUaRY8MsgCiubhKD1y5WsRnB95qHjrPYOcRMx6H4bq3r2QAxYCe3VeEIP5iXnfTN815C7XL_Zxc7x61b2VU0FmjR9g_vKMwNk6ejNOEb2oqDh0jrj-ctcxdpWwixewY1a6ljzmB3I-dJmoyq9pU8D8hV0Y8Ae4fir20fA15Ssb3_CbQH0AkW4ORCGdfBPJQGH8w5OqN-uVis_7r8h9MXiHaUV5bMJrGDSojjcz3Q0EQrvXgQYKiOMv4lA0FhJ1-8SG265wjNgZgTj_CZzuIguBYOSMJ6fXuncUINAvZtMZw4C7kmze7t6JpgCYAdUTB4-1w2XzviR3rCMQz7T0mLYpH5OZvK8BRZFzenyZR8TU5yh8d4taYw6tdauhYW0MrZcrDKTbRy3sBdXD8PpFCNV4ctmeZ27ZxAAPdinZjpTH4oHRG-8KhhoUsj8eN5fModeq3Jw60_UB2NstJLOnmApQp_oGzvjk2nQTTWUjC7RQz-B6rGMO_xgEviBP5kijf5GJI8FrJM6_9XvI-WnDEzPntQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3860072030774975%26output%3Dhtml%26h%3D280%26slotname%3D3953181476%26adk%3D3359639956%26adf%3D402917734%26pi%3Dt.ma~as.3953181476%26w%3D300%26lmt%3D1707486223%26format%3D300x280%26url%3Dhttps%253A%252F%252Fimgbly.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707486223885%26bpp%3D1%26bdt%3D1110%26idt%3D1%26shv%3Dr20240207%26mjsv%3Dm202402010101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%252C300x280%252C728x90%26nras%3D1%26correlator%3D1814987950648%26frm%3D20%26pv%3D1%26ga_vid%3D162039224.1707486223%26ga_sid%3D1707486223%26ga_hid%3D1194607033%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808398%252C31080780%252C31080820%252C31080886%252C44809005%252C95322745%252C31080932%252C95321957%252C95320868%252C95324154%252C95324160%252C95324262%26oid%3D2%26pvsid%3D524308427401298%26tmod%3D1728592833%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpenEr%257C%26abl%3DCS%26pfx%3D0%26fu%3D32768%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26fsb%3D1%26dtd%3D3&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fimgbly.com&random=7706648258747&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 188

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9043578845985.758 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIrHxO-xnoQDFflGkQUdfqQKYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9043578845985.758

Request Chain 192

https://fw.adsafeprotected.com/rfw/st/1956845/78353831/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1016043604&ias_pubId=pub-3860072030774975&ias_chanId=1&ias_placementId=20991824298&bidurl=https://imgbly.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hvpVjFkY9U8QHx9fqECIxZ&adsafe_url=https%3A%2F%2Fimgbly.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fimgbly.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240207%2Fr20110914%2Fzrt_lookup_nohtml_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-3860072030774975%26fa%3D1%26ifi%3D7%26uci%3Da!7%26btvi%3D1&adsafe_type=be&adsafe_jsinfo=,id:42a7214e-1b76-329e-e21f-be11142c0787,c:3JCZiH,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-85f898964d-g9stn,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:288,mot:0,app:0,maw:0,tdt:s,fm:u3NsbSK+11%7C12%7C131%7C132%7C133%7C141%7C151%7C152%7C153%7C1611%7C1612%7C1613%7C1614%7C1615%7C1711%7C1712%7C181*.1956845-78353831%7C1811%7C1812%7C1813,idMap:181*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:381,oid:3ea171a1-c751-11ee-86e5-9a7332d63c65,v:19.8.481,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

224 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
imgbly.com/
Redirect Chain

http://imgbly.com/
https://imgbly.com/

30 KB
9 KB

779ms
677ms

Document
text/html

2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 049497373816b6cb99b00ff57eb1c84ef65687fe0ddd3e5de45a024ae34bb33a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 852c8af82d094d3a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 09 Feb 2024 13:43:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sopTq%2FK8jTIkN2Aobylo0MRm2Fp7n022tzH%2B5WSj9O%2FPyIYoOUH%2BGA32%2Bh0WEazc3ihWF0F0WwhtbWZet5p2dPLsRMEN7MvhkZmTjihCX8rSILCcuzd5Z4Nu3K5aR9KkNNeb2L8OYfq9"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 852c8af72ba82bb4-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 09 Feb 2024 13:43:41 GMT
Expires: Fri, 09 Feb 2024 14:43:41 GMT
Location: https://imgbly.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvFL93rYei%2BRRkjHn5VmqL8fvbbaW3SB36E0t0Bjm1jrtgoRqNLIz2%2FgOtZWauwf7vsewsi8HZ8OuQX9CaWhgBBngDnFN7IxnsN%2FNLFrdPleiuSARAYSXlr1xC%2B8oirIng2AoSQcU%2FNe"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 jqvmap.min.css
imgbly.com/assets/libs/jqvmap/dist/ 613 B
625 B 54ms
49ms Stylesheet
text/css 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgbly.com/assets/libs/jqvmap/dist/jqvmap.min.css
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32d26b3f38f5adcf544dcb92bd5ef604d67ac7300a28f7f8b072ae0e9f555a3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6332
etag: W/"265-653509d9-20114b52;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b69Iq7Ux2L5F1nwjI6dWo9kyHgq0kc7mw05Tx64iTOrkQMmC0Vt403ghTX2WmCzXvKXzfiwFRUaJMuy%2BJkn3HFpYd5ypz6kUpGfP%2BspT4xt4oM%2FcPFKoYtESa4A2p%2FmdRB%2BjrXRE0GXs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 852c8afc8b134d3a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 12:44:28 GMT

GET
H2 200 font-awesome.min.css
imgbly.com/assets/fontawesome/ 30 KB
7 KB 56ms
52ms Stylesheet
text/css 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgbly.com/assets/fontawesome/font-awesome.min.css
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6332
etag: W/"7918-653509d9-20114c55;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8eozHDGslJJuZXuNTtrV40LXerLawQV6ewrbNZtpJfUnjVVw%2Bq%2BPni7AMUkFfAT2vJsQjcLF3mFyCief9jpaNH92fEryyZeVgWfdFkj%2B8rU959lb3lc6ywKMPpDiGnZzi9ys8JlLdNf%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 852c8afc8b194d3a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 12:44:28 GMT

GET
H2 200 font-awesome-animation.min.css
imgbly.com/assets/fontawesome/ 18 KB
2 KB 58ms
54ms Stylesheet
text/css 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgbly.com/assets/fontawesome/font-awesome-animation.min.css
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a4b03a6c128b46647ca81421d1b1db2577751a66b09c13677c8d753cac18c7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6332
etag: W/"47d3-653509d9-20114c54;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEKDsk5SAqpZ3Vrp5TDpNLykeAmBlc0ppf0BXgIeQ03cWitQ0dvL5uF%2BUik28zGDwXum5wMadI%2FjJ2gisRjcKi3ON4DWwCa6U9tEBfhshiPeHT0BF3dq4YDHBbVSTk0LPZa7u%2B3OASgM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 852c8afc8b1a4d3a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 12:44:28 GMT

GET
H2 200 dropzone.min.css
imgbly.com/assets/libs/dropzone/ 10 KB
2 KB 54ms
51ms Stylesheet
text/css 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgbly.com/assets/libs/dropzone/dropzone.min.css
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0202fcc8498d7cbb42a47fa0629f71a89c220c84c6a9cc006c8f2d09f9d8da5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6332
etag: W/"2676-653509d9-854a0d6;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZfSStfBeixK1NDMyiQwszlZeBJ1FRjkinW7fKoDxxAD5t4qAdzcEHxZIOzoxJcfpcPcTmbH72oOFTOhH%2B5SgH667E17LOHVlQkm2CHk2pk9p5%2Fn0UtFvs3lWu4w8ZZq0U%2FLr626moRD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 852c8afc8b1e4d3a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 12:44:28 GMT

GET
H2 200 app.css
imgbly.com/assets/css/ 257 KB
41 KB 655ms
653ms Stylesheet
text/css 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgbly.com/assets/css/app.css
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c65407ed2873d7740b6a96e097fe6a1ba9e7e5f77cbaafe0ec940fdbe9c072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:43 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=349451
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 22 Oct 2023 11:39:05 GMT
server: cloudflare
etag: W/"5550b-653509d9-300efe47;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92dUuMSC15oyWaGj%2Fzg78SCZa1eHpntETLPEN5PXgTMosCfcvj83sYxrNjtY%2B%2FEB4jDgnvHRPOqM8wrHnsO0bGpRtpdeSh5Nu6RIdS6bJsqfEBamfLgc2fzwnVgxu7bIwN0jgbgp46oS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 852c8afc8b204d3a-FRA
expires: Thu, 11 Jan 2024 12:44:28 GMT

GET
H2 200 app-vendors.css
imgbly.com/assets/css/ 7 KB
2 KB 645ms
643ms Stylesheet
text/css 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgbly.com/assets/css/app-vendors.css
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d038f7fc3a36d730ee92b07dbb9b594d19c27fa217be9b9cf9e1ef8c87e04af2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:43 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=8628
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 22 Oct 2023 11:39:05 GMT
server: cloudflare
etag: W/"21b4-653509d9-300efe49;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1Uu0axFxYa%2BoJdeF0JM%2FDgU8%2BqCRqQW9J6GvdDTy4zCDIdFO%2FPHXQiEBrg8gxUVQS4odPlrKp5snuHy7GRBZSjCj8UrgNOauTUKbo7UzZnb94av3I2uKh8QYOTtTT7vJkOQtompPrPF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 852c8afc8b234d3a-FRA
expires: Thu, 11 Jan 2024 12:44:28 GMT

GET
H2 200 ibob.css
imgbly.com/assets/css/ 11 KB
3 KB 575ms
573ms Stylesheet
text/css 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgbly.com/assets/css/ibob.css
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c6522aa1ef26543ea4893fcaac28a924ab95ebdeaffb0a4c604c51f7fddd313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:43 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=15789
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 22 Oct 2023 11:39:05 GMT
server: cloudflare
etag: W/"3dad-653509d9-300efe48;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCuEXF17Tyx5BEi0qdvRxZpA1RFgzbTrkjAFX3AFPHTVK0IhxzwuD5U8L4F41tTtI5ZTmvwfx4izy%2FpDlxG9VpllIIx0HaJBgqEF2e0A6fLzDAY5Trtym6Bmpvd0v%2Bf8ALOjY4G9ZZ4G"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 852c8afc8b254d3a-FRA
expires: Thu, 11 Jan 2024 12:44:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 177ms
88ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3860072030774975

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9b7b7234549c7f952bd2fbb8a4def36253173c3c5b214fd1690c72096d3d5f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbly.com/
Origin: https://imgbly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51575
x-xss-protection: 0
server: cafe
etag: 13671150335265978604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 09 Feb 2024 13:43:42 GMT

GET
H2 200 logo.png
imgbly.com/images/main/ 32 KB
32 KB 107ms
103ms Image
image/png 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgbly.com/images/main/logo.png
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4a9204a5958e5b3e69497c7d3e30b17181e4d17f3e9ea9ef90384f0340e7bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6332
alt-svc: h3=":443"; ma=86400
content-length: 32567
last-modified: Sun, 22 Oct 2023 11:30:04 GMT
server: cloudflare
etag: "7f37-653507bc-300dec52;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9gwqAClrZ8pKAK59JUHRjBwR7nfIyYnhupHHTX8hIJe01nWR%2FM%2BsnEqeNjckxHr76mXmnrsSeWvJr8ikE6BcPRxnmdRU5tIPRnneELmdnBPVI1qT5hT6uaFRsDcn4YCO5zgDswPL%2BXf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 852c8afccb744d3a-FRA
expires: Thu, 11 Jan 2024 12:44:28 GMT

GET
H2 200 upload.svg
imgbly.com/images/sections/ 653 B
714 B 54ms
53ms Image
image/svg+xml 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgbly.com/images/sections/upload.svg
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88eacfd89ad3962cd8da9ecbaed2162f28e90a4a5551332f421bbfbd360d95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:30:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6331
etag: W/"28d-653507bc-445ecbe;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cl5CFcViGYDbk7%2FGbrAaS6aRV7iWQ5dwGnptRDmRx0ab%2FeXgRoqSW5ApEeivZC2hhsY3GEtADAUDL%2By8XMtj5QnDX6y5U1x11qiLDMYyefAvwF0yEUtQ4kO6nSYpgPn3YkXMtkfCxMcz"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
cf-ray: 852c8afc8b274d3a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:00:36 GMT

GET
H2 200 F43vBDgXFV.png
imgbly.com/images/features/ 9 KB
9 KB 109ms
105ms Image
image/png 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgbly.com/images/features/F43vBDgXFV.png
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ac5676b687415cdba5ca899b5f51812b5af0ed1a61b16b969c7968d602b9e29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6331
alt-svc: h3=":443"; ma=86400
content-length: 9159
last-modified: Sun, 22 Oct 2023 11:30:04 GMT
server: cloudflare
etag: "23c7-653507bc-445fc88;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGBWRwUI2Ru9mTAgaL3p22dOLlMekKXO%2ByvumMXbnrDzB%2Fd6Fo9q8wq%2B4gs7PwIobGrQ%2BF5cRAsV4SusjZmqJNelbsjWV1VQRz9RzZP6gwoAH3NieuSpIHuhD%2FtDf17rdGYFf%2B1p0vn7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 852c8afccb764d3a-FRA
expires: Thu, 11 Jan 2024 18:00:36 GMT

GET
H2 200 MEZ8PgdX6a.png
imgbly.com/images/features/ 12 KB
12 KB 106ms
102ms Image
image/png 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgbly.com/images/features/MEZ8PgdX6a.png
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24b5937891c335ae7d0af25401d5dd574164b9b68f1a444a3788aa47513d0338

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6331
alt-svc: h3=":443"; ma=86400
content-length: 11900
last-modified: Sun, 22 Oct 2023 11:30:04 GMT
server: cloudflare
etag: "2e7c-653507bc-445fc89;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kw2YD%2BVKvJsaJQ93TlpsIhu8pjY2c%2F5FsE9UmBtudUM%2FmlHhmqIFpJsZ2xM0%2BUoqGvEjwSDy808hz0wPFbnDlsZBjvHNn6P0h%2FiZjS3MwK4QL1u7Qj1QaIDXKJ%2FnT04KvKnDqhkGzjvV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 852c8afccb784d3a-FRA
expires: Thu, 11 Jan 2024 18:00:36 GMT

GET
H2 200 MFgKeKQE9d.png
imgbly.com/images/features/ 8 KB
8 KB 107ms
104ms Image
image/png 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgbly.com/images/features/MFgKeKQE9d.png
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 472100674e843eff0fa35cac2680f55b59ebca8f3d35370becdeeff12cd93c5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6330
alt-svc: h3=":443"; ma=86400
content-length: 8038
last-modified: Sun, 22 Oct 2023 11:30:04 GMT
server: cloudflare
etag: "1f66-653507bc-445fc87;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44oq8%2B6kPpgkbBVXrPOVeVyikbIwxDS%2BvSaMjF%2FwODpWe0GXMF3T6Ea%2BPwf7ToRi54dBszikxDVmYOVSH8%2BIjncHxotTOUNaPZuKlnF8mg1mrYV8ZMRRrjiR9AYgSQ02iOIkqFidXjPJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 852c8afccb7b4d3a-FRA
expires: Thu, 11 Jan 2024 18:00:36 GMT

GET
H2 200 9nAVJMSCoe.png
imgbly.com/images/features/ 5 KB
5 KB 106ms
102ms Image
image/png 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgbly.com/images/features/9nAVJMSCoe.png
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a02f3d42a87e4f8db0d12b71838ec5cac3a6396e5749b34a281e21e7c6ddd14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6330
alt-svc: h3=":443"; ma=86400
content-length: 5104
last-modified: Sun, 22 Oct 2023 11:30:04 GMT
server: cloudflare
etag: "13f0-653507bc-445fc85;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5CV5OX3bO07wOAJlq5QzJs9MXE5KBXvWsGW%2F2eLnzc7TishhKdutKk5R7ju%2BpcfxhtcP7wIR11%2B5zaMKVy0UMFw3gqMLqT8FyPtw3unbRT3hRgw23qbrg4kqG8fGtwg7Ny1g4pRxjg8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 852c8afccb7d4d3a-FRA
expires: Thu, 11 Jan 2024 18:00:36 GMT

GET
H2 200 6Vj9iWYCwY.png
imgbly.com/images/features/ 3 KB
4 KB 65ms
61ms Image
image/png 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgbly.com/images/features/6Vj9iWYCwY.png
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0444ee8659e61802b95d49ea403263c6b05213b5084679a087566fe8375c0fea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6330
alt-svc: h3=":443"; ma=86400
content-length: 3445
last-modified: Sun, 22 Oct 2023 11:30:04 GMT
server: cloudflare
etag: "d75-653507bc-445fc84;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1r6ClZw9RkFMT45Nu254R%2FtXn1SFijhoPWwuYoT9iQC3zKSmQEo6PZZlstkf%2BpSHblIcyY5dASqJ8VdVyxvHWfSOPABt3U0UD23ylksvdGkVzQRlE%2B%2BbOFZY3LvkuQzSnxfuuZhBtfLP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 852c8afccb7e4d3a-FRA
expires: Thu, 11 Jan 2024 18:00:36 GMT

GET
H2 200 nH7VwY6KoM.png
imgbly.com/images/features/ 7 KB
7 KB 68ms
64ms Image
image/png 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgbly.com/images/features/nH7VwY6KoM.png
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22a8e439450d976c2724efb04a446febc736ff4e11859260174ef29ca7a3c716

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6330
alt-svc: h3=":443"; ma=86400
content-length: 6918
last-modified: Sun, 22 Oct 2023 11:30:04 GMT
server: cloudflare
etag: "1b06-653507bc-445fc86;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhDwS%2Bs6%2B1ugjTdyhwuMVAZHUNI34D3vtiwWgFz43NqEN776mDb%2Fs62%2FLD%2BZyWCl4zzrZ1hIYKQC8JYnPNd2%2FDCmkARmAxZlNUdL%2FSQSGfuFr7%2BWmKr32LP1JbFm%2FUif8gfh1h9YIooJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 852c8afccb804d3a-FRA
expires: Thu, 18 Jan 2024 04:25:57 GMT

GET
H2 200 g12.jpg
sandbox.elemisthemes.com/assets/img/photos/ 23 KB
24 KB 333ms
52ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sandbox.elemisthemes.com/assets/img/photos/g12.jpg

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d7a1c4da005602febcf4f7d21b4c0b47b7d3bd51ea330fe3bfb6a9ae85c0b62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:43 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14751
alt-svc: h3=":443"; ma=86400
content-length: 23709
last-modified: Mon, 31 Jul 2023 09:54:32 GMT
server: cloudflare
etag: "5c9d-64c784d8-a11a5b02256bf8d7;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11jJgJy268qNlde61POUR%2BPc0sZy6c9hhuMhBc21mlJKTlPpZ4b5OKceqdRKDDm5uJKBpo0YcbIC8TBL3B0A1sbjqU2PGmOxkFXZ12kgsSDaiZO4aF5VWsdBN0u4EnWs%2F3MeSVWyCL0pWsGqb3lWoCGfcyVMIL0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 852c8afe4be93661-FRA
expires: Fri, 16 Feb 2024 09:37:52 GMT

GET
H2 200 g13.jpg
sandbox.elemisthemes.com/assets/img/photos/ 22 KB
23 KB 349ms
94ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sandbox.elemisthemes.com/assets/img/photos/g13.jpg

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d179f6f83fc3f107db0b174491d3f1da7fc19e7c7bd211113b72833380d03c41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:43 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 185833
alt-svc: h3=":443"; ma=86400
content-length: 22862
last-modified: Mon, 31 Jul 2023 09:54:32 GMT
server: cloudflare
etag: "594e-64c784d8-26227d8b2c8b4c04;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaqIXsm3AzoRplOcLpftZmra8Usf2rpFHil9IKl69M40H%2BIiJJoRQS2a3NIsZzw2s0sPhwlJAlH51zMfU8Ud%2B286SNQLlX4F5ZtlQvhymEu4REFqC0nkUNVwaUYFqBFb2gA%2Fh1qr5Bsr2qlyqruO%2BogZHe9v%2BEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 852c8afe4bf23661-FRA
expires: Wed, 14 Feb 2024 10:06:30 GMT

GET
H2 200 g11.jpg
sandbox.elemisthemes.com/assets/img/photos/ 47 KB
47 KB 350ms
95ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sandbox.elemisthemes.com/assets/img/photos/g11.jpg

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f490aee0289565676e055c0a4e014bf01b4fa39c40a31e4656b37a48d089949

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:43 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 254795
alt-svc: h3=":443"; ma=86400
content-length: 48015
last-modified: Mon, 31 Jul 2023 09:54:32 GMT
server: cloudflare
etag: "bb8f-64c784d8-f0ab6a6b8d9d3403;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYKiUKsl9NQoULIyYnfirXSlnamo4RJRmJnxKKO0%2BEYsXSQ3lipuTjSw6%2B6AYz5WldqIAfs9H3OS2PvFnIGXi6SpSgbJZ3h6LwqY9Jxcxo9Bs1VC55rWf8X9AcGY56032AfL9B8QR8ml%2BPEsOkdfXLRK1eWS4FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 852c8afe4be33661-FRA
expires: Tue, 13 Feb 2024 14:57:08 GMT

GET
H2 200 3d3.png
sandbox.elemisthemes.com/assets/img/illustrations/ 104 KB
105 KB 308ms
54ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sandbox.elemisthemes.com/assets/img/illustrations/3d3.png

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec6ca525424d8cedf0c213f9730d89e4cdba7fd38c2d79b24ed5557a86234e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:43 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177997
alt-svc: h3=":443"; ma=86400
content-length: 106786
last-modified: Mon, 31 Jul 2023 09:54:31 GMT
server: cloudflare
etag: "1a122-64c784d7-71fd08514d455b6d;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5CScRzJR0kfsPKAXnou2YQW888nHVQKf3eGVZl1DXTDtyxp%2BWLp%2B6ckJ9XMgQw%2BoyK2Lc3vzVJgd2c5f8X7gwPdEVhiWE4Obv8kCSGdJLSZbcXCCSSk6EUodb0bHbRPUGUld3MWxMPKXryobscef0GqD3q3NyM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 852c8afe4bf13661-FRA
expires: Wed, 14 Feb 2024 12:17:06 GMT

GET
H2 200 SZqBc3cjEpGl5WX.png
imgbly.com/images/blog/ 458 KB
459 KB 107ms
104ms Image
image/png 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgbly.com/images/blog/SZqBc3cjEpGl5WX.png
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 058c1c2cf9a1b591646575a669d1f8e27c9e788eb72d97104d192c1e126d3139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6330
alt-svc: h3=":443"; ma=86400
content-length: 469019
last-modified: Sun, 22 Oct 2023 11:30:04 GMT
server: cloudflare
etag: "7281b-653507bc-140d1ea3;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7agUxbNSo2f0e%2FvnwgyQWfzKGHYY%2FFh9sVNYpE6m0NofU5R9x0%2FVILAxcCTCTHgNadXVwKwZoLv6fzs%2BY1%2BV0JziHx3lWNWnTRjzELfzjcYhaVEzKaTa8RP9C0QPbcAF3ZAzAaumQOV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 852c8afccb814d3a-FRA
expires: Thu, 11 Jan 2024 18:00:36 GMT

GET
H2 200 SVmajadZwrDUv61.png
imgbly.com/images/blog/ 582 KB
583 KB 106ms
103ms Image
image/png 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgbly.com/images/blog/SVmajadZwrDUv61.png
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f7296f4aa15d1fab96593661d2f7294a320b49f320a9d7e475de1c336f113b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6330
alt-svc: h3=":443"; ma=86400
content-length: 596012
last-modified: Sun, 22 Oct 2023 11:30:04 GMT
server: cloudflare
etag: "9182c-653507bc-140d1ea6;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRiSBSfUPtm5YS37Rf2Lxf9SKac00f5zPtypkYpZmdpx55Cxsb8jkxRIRNt9AbAdiycVFYJ6A3hKEOQGXxUQuEyHN3F%2FRXXPepl5Opoyhi3%2Ft8jIlf%2F4mlRSr0WJ5OOBbvOzxOB8iqA0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 852c8afccb824d3a-FRA
expires: Thu, 11 Jan 2024 18:00:36 GMT

GET
H2 200 GGIErFDn1KZ2hhm.jpg
imgbly.com/images/blog/ 191 KB
192 KB 106ms
103ms Image
image/jpeg 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgbly.com/images/blog/GGIErFDn1KZ2hhm.jpg
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4033998f21de5867245e1fb9162496103dcd1174003bf2a00b91a10873552eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6330
alt-svc: h3=":443"; ma=86400
content-length: 196038
last-modified: Sun, 22 Oct 2023 11:30:04 GMT
server: cloudflare
etag: "2fdc6-653507bc-140d1ea0;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BbhS9rejwJDJMQdN2Vk%2B8S6fi6bfUm5Y1XPs17Kfp33EECo88XgcG7fjT7cFl5wOpZC9FSpNhoM3l%2FgT0QWaTJXJ7ocG4QnC9vTZPk0hOqPmxzf8%2B1xbIw9Fv0RAPsK4e0bdYkJZGDk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 852c8afccb834d3a-FRA
expires: Fri, 12 Jan 2024 06:21:27 GMT

GET
H2 200 yyhBq6ioRPfwYH2.jpg
imgbly.com/images/blog/ 469 KB
470 KB 108ms
105ms Image
image/jpeg 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgbly.com/images/blog/yyhBq6ioRPfwYH2.jpg
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23559bc69ad9211a5dfb5100552b190d370675ef552ca8197c3df942175f8cc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6330
alt-svc: h3=":443"; ma=86400
content-length: 479899
last-modified: Sun, 22 Oct 2023 11:30:04 GMT
server: cloudflare
etag: "7529b-653507bc-140d1ea5;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ct%2BBHVsPmDhM%2BVKXP6%2FvqFUPA%2FIvibKepKa8jyAyNqg1iSUeBehu9jlM8P0vy%2BmWoerJ5OLYjCjQHhQsnv2P%2BB%2FbaVC7vjMg1HoAeAVhfdffjGYcah5hIi4Dk0%2FVecsbis1ePblv4w%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 852c8afccb844d3a-FRA
expires: Fri, 12 Jan 2024 06:21:29 GMT

GET
H2

200

twitter.svg
unpkg.com/simple-icons@11.3.0/icons/
Redirect Chain

https://unpkg.com/simple-icons@latest/icons/twitter.svg
https://unpkg.com/simple-icons@11.3.0/icons/twitter.svg

565 B
515 B

57ms
57ms

Image
image/svg+xml

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unpkg.com/simple-icons@11.3.0/icons/twitter.svg

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e7e73ba9813f46b7b95bc707704ddaf5367048c6571e07a4ff3cd3ba18bb04a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1077069
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HN6YJJG4HTHAKD7PHJD2R0EB-fra
server: cloudflare
etag: W/"235-LOFFs2IxmcaMMbr/LFh1yBXKGZc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 852c8afd8d2b1e5a-FRA

Redirect headers

date: Fri, 09 Feb 2024 13:43:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HP71FWQ2F9RFEHXDX4H4SQMP-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 272
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /simple-icons@11.3.0/icons/twitter.svg
cache-control: public, s-maxage=600, max-age=60
cf-ray: 852c8afd3c831e5a-FRA

GET
H2

200

facebook.svg
unpkg.com/simple-icons@11.3.0/icons/
Redirect Chain

https://unpkg.com/simple-icons@latest/icons/facebook.svg
https://unpkg.com/simple-icons@11.3.0/icons/facebook.svg

542 B
461 B

55ms
55ms

Image
image/svg+xml

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unpkg.com/simple-icons@11.3.0/icons/facebook.svg

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b06d18d844ed621b89faffb1a33440cc0ec4f1ffea9f36191f50db19a47c59a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1077069
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HN6YJJG6G0F1DNRJ0C39BD9F-fra
server: cloudflare
etag: W/"21e-pwlu38yGc/cxvVJmSznzzVKR5og"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 852c8afdad4e1e5a-FRA

Redirect headers

date: Fri, 09 Feb 2024 13:43:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HP71FWSD1BEXDZ422VXXNPRS-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 272
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /simple-icons@11.3.0/icons/facebook.svg
cache-control: public, s-maxage=600, max-age=60
cf-ray: 852c8afd3c861e5a-FRA

GET
H2

200

youtube.svg
unpkg.com/simple-icons@11.3.0/icons/
Redirect Chain

https://unpkg.com/simple-icons@latest/icons/youtube.svg
https://unpkg.com/simple-icons@11.3.0/icons/youtube.svg

459 B
390 B

54ms
54ms

Image
image/svg+xml

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unpkg.com/simple-icons@11.3.0/icons/youtube.svg

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5038808acbbc4e6edda16cbeb1cc6dec80e4e4ee4e227e039c41229fa222aa8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1077069
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HN6YJJMQS9EMCTAMKW74Q0T8-fra
server: cloudflare
etag: W/"1cb-gnP4h/Zzv6hrMQwg6sIB1AAWqts"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 852c8afdad511e5a-FRA

Redirect headers

date: Fri, 09 Feb 2024 13:43:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: EXPIRED
fly-request-id: 01HP71R6JGZF4TDFG8ZZR0SHHB-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /simple-icons@11.3.0/icons/youtube.svg
cache-control: public, s-maxage=600, max-age=60
cf-ray: 852c8afd3c8a1e5a-FRA

GET
H2

200

instagram.svg
unpkg.com/simple-icons@11.3.0/icons/
Redirect Chain

https://unpkg.com/simple-icons@latest/icons/instagram.svg
https://unpkg.com/simple-icons@11.3.0/icons/instagram.svg

2 KB
1 KB

54ms
54ms

Image
image/svg+xml

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unpkg.com/simple-icons@11.3.0/icons/instagram.svg

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f53af2d1fc5292ba1433b5c1faf50005ce6a997fa302d1816989929f379a59dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1077069
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HN6YJJMN154J1TAH8HMBW60J-fra
server: cloudflare
etag: W/"835-WMmA4IXVSEpjOX1lv8UNn9Jmt8s"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 852c8afdad5c1e5a-FRA

Redirect headers

date: Fri, 09 Feb 2024 13:43:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: EXPIRED
fly-request-id: 01HP71R6JK6AFEX3A655XSMK28-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /simple-icons@11.3.0/icons/instagram.svg
cache-control: public, s-maxage=600, max-age=60
cf-ray: 852c8afd3c8b1e5a-FRA

GET
H2 200 app-store-png-logo-33123.png
imgbly.com/images/icons/ 59 KB
59 KB 106ms
104ms Image
image/png 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgbly.com/images/icons/app-store-png-logo-33123.png
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34570e89cf00b996bc897caad5e37f2b8441b1a800f9e1eda018fee38f173b4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6330
alt-svc: h3=":443"; ma=86400
content-length: 60233
last-modified: Sun, 22 Oct 2023 11:30:04 GMT
server: cloudflare
etag: "eb49-653507bc-2011300c;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O62qECQ9wn%2FzrZw7juOpWVtHbqpyTQXFZnuIuSP4oQdBqPgGRHLadhf6SChVCa%2FxRKNowgw5kLI%2BTezyhSqkr8W4YurhR80v0cJPlr7dbyvEXnpMHrkF2hj%2B3%2FbaM1iFk6HNJgj0G80O"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 852c8afccb854d3a-FRA
expires: Thu, 11 Jan 2024 12:44:28 GMT

GET
H2 404 google-play-png-logo-379hh9.png
filesharer.cc/images/icons/ 0
0 715ms
606ms Image
text/html 2606:4700:3031::ac43:c32b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://filesharer.cc/images/icons/google-play-png-logo-379hh9.png
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:c32b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 email-decode.min.js Show response
imgbly.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 47ms
42ms Script
application/javascript 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://imgbly.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 02 Feb 2024 15:36:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bd0be2-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAOMgLaXNSyAKFsMZj9EOTpM6xZXcvXwSo4z07IBNZLRHQDqqcx9lhCJrkCHEYOzf610clkxBn3jB1lkEG9%2Btk8T1UBTkNiX9PN7WKOE2YQ8IBUy1UgGsJha755HSv%2Bm7QTRNK1dSFFH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 852c8afcbb594d3a-FRA
expires: Sun, 11 Feb 2024 13:43:42 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
imgbly.com/assets/libs/bootstrap/dist/js/ 79 KB
23 KB 109ms
104ms Script
application/x-javascript 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgbly.com/assets/libs/bootstrap/dist/js/bootstrap.bundle.min.js
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e68b0bf411a92a35e893822d6d5f0043af95ea2f5b29038a508931407faf2574

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6332
etag: W/"13b85-653509d9-300efd1d;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMXv2IT7FxH0uBRUW5%2F7%2Fyo3PHpsH%2F2SrtaKLe5tN%2BwxR1LIr%2FxnjPfQ1Pefv3fxPBII7Dw%2FS2bh5yR0ds7L6d%2B%2F4qTfVIXWsYrYlr6BsXLIjn6yE7AESZ1vo2ngEeKXjxKNDt8Po01B"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 852c8afcbb5c4d3a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 12:44:29 GMT

GET
H2 200 jquery.min.js Show response
imgbly.com/assets/libs/jquery/dist/ 87 KB
32 KB 70ms
65ms Script
text/javascript 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgbly.com/assets/libs/jquery/dist/jquery.min.js
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6332
etag: W/"15d84-653509d9-300efe40;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqYdZwQT2Z7uS0bWUq%2Buc1cNV%2BaUiVk4Wcwa8AnfuH9V9Xtln5v1FrOlZQoC7WyL%2BNSgxf6CcRsnmF5WDhOl4K4610ASF%2FtPlyDONCzLISDqdX4iPdiHp6PXbVbClYj9VUv38palhOTP"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 852c8afccb6a4d3a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sweetalert.min.js Show response
imgbly.com/assets/libs/sweetalert/ 40 KB
12 KB 68ms
63ms Script
application/x-javascript 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgbly.com/assets/libs/sweetalert/sweetalert.min.js
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15211e0be73438987ed05236dc4ce90962f7c46452427364446576505e66697b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2118
etag: W/"9f62-653509d9-300efd1f;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sB0CZNKAc7%2FpJzf5hh497qQbivHyLCZvGMzcAri3xQo7ABdn%2Bi%2FzPQJd95%2BuC4%2FXamO%2Bg28hfp0JnH9G0ApDb9fTjkQ3efcVb2XxMU6tP1fgiRIoduBz%2Bxesi%2BLXLJUytLq0BAb5g8X3"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 852c8afccb6d4d3a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 12:44:28 GMT

GET
H2 200 app.js Show response
imgbly.com/assets/js/ 83 KB
20 KB 68ms
64ms Script
application/x-javascript 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgbly.com/assets/js/app.js
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bf9e48f0d497a6c7a26fde5ea0409ac76c23cc1b606abead547d5de2a1affad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6332
cf-polished: origSize=146432
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 22 Oct 2023 11:39:05 GMT
server: cloudflare
etag: W/"23c00-653509d9-141340b5;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e55V9JuA6fUgMdobsGruceDG6SBfeSpH6HFVbWtK2niQ9gNlOnieJn902e7iyiT%2Fc9SX7e6p0mYPc3Zt6X6i7Z2k%2FWcmceXQCOpNiQQrOGylajAdzfWJpXocw%2B7XFLKKpgQ880iCn2mb"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 852c8afccb6f4d3a-FRA
expires: Thu, 11 Jan 2024 12:44:28 GMT

GET
H2 200 dropzone.min.js Show response
imgbly.com/assets/libs/dropzone/ 47 KB
14 KB 67ms
62ms Script
application/x-javascript 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgbly.com/assets/libs/dropzone/dropzone.min.js
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 386ff5d37c1787a5c8355d3a2533eca7336028d6bf8e73f52e33cfe58dd74036

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6332
etag: W/"bc15-653509d9-854a0d7;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8cYYOUhmSjo0wU%2BEOvMiiatz4jsbDko7aD0awGqnGXiYvrn4xM6oLJtyt232WMcucn0ZOTb5vUsUoG1yOw8HhhBep0HEPVOButL8gQd9rzems3QD3cDDbtZTI0zd8nuoGMAhWCutLb%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 852c8afccb714d3a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:00:36 GMT

GET
H2 200 ibob.js Show response
imgbly.com/assets/js/home/ 3 KB
1 KB 109ms
105ms Script
application/x-javascript 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgbly.com/assets/js/home/ibob.js
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eddf8f4c033fd5b8c4f3c3e982b3242625f4873fc65df6aa606659c2399a622b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6332
cf-polished: origSize=5024
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 22 Oct 2023 11:39:05 GMT
server: cloudflare
etag: W/"13a0-653509d9-141340b7;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GYUBLySFtGCp3J%2B7mL586QwTMCdIr7uvPAWBimaUy16IN942GiOTBrnsDjuLvlcuNA3gDOYqEPNclnNSP4UB1hPlQHl8t3CKOgTG6qNuvgpEHJDejPVz86fvJJJRyTWjDDdoy3X7eBB"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 852c8afccb734d3a-FRA
expires: Thu, 18 Jan 2024 04:25:56 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 396ms
49ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8328841cd636c0a1f0da9ec78a2986b066a19cb18e10a1ff9d2f0d3ea19a6aa4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 09 Feb 2024 13:43:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
87 KB 157ms
57ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S96N80QCJV

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dadc34328c99d3a7cc366e4ac034af8caad2487295e9368a7d1a4b71dcaa2f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Feb 2024 13:43:43 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 406 KB
138 KB 180ms
99ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3860072030774975&plah=imgbly.com&aplac=true&bust=31080932

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3860072030774975

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac7c70d2706c233e748a19a2471e907d4d174f5c0b86bd1e6cca47715865443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140916
x-xss-protection: 0
server: cafe
etag: 13418456254459087194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 13:43:43 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/ Frame 2618 9 KB
5 KB 127ms
39ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3860072030774975

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 18:34:11 GMT
etag: 9539045072340585784
expires: Thu, 22 Feb 2024 18:34:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9560 230 KB
61 KB 480ms
479ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&adk=1812271804&adf=3025194257&lmt=1707486223&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fimgbly.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&aseiel=1~2~4~6~16&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223064&bpp=4&bdt=289&idt=286&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1814987950648&frm=20&pv=2&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=309

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3860072030774975&plah=imgbly.com&aplac=true&bust=31080932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13308613746e5121a5a6ee121a89634154f323f34814cde054206fd0ce400ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 61741
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 13:43:44 GMT
expires: Fri, 09 Feb 2024 13:43:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 384ms
50ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: imgbly.com
URL: https://imgbly.com/assets/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 13:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 13:05:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 13:43:43 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 126ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imgbly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:01:40 GMT
x-content-type-options: nosniff
age: 135723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:01:40 GMT

GET
H3 200 fontawesome-webfont.woff2
imgbly.com/assets/fonts/ 75 KB
76 KB 50ms
50ms Font
font/woff2 2606:4700:3035::6815:2e59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgbly.com/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: imgbly.com
URL: https://imgbly.com/assets/fontawesome/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2e59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://imgbly.com/assets/fontawesome/font-awesome.min.css
Origin: https://imgbly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3844
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Sun, 22 Oct 2023 11:39:05 GMT
server: cloudflare
etag: "12d68-653509d9-141340bc;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpHCbPLuhEYT6JcJcHJUNfJbS09%2BgtD8wPcfW4IOSjsp7PgplxylQbXuYz9MI8pZOyhvVhTJjkrh1YpQqJpBZiVcBmaKJ7xrGvLNx%2FO6XR9tacZta%2FYlMNf5M0%2BlNuhnwFe4eM6zAiUh"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 852c8b030ebd9134-FRA
expires: Thu, 11 Jan 2024 19:56:02 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ECA1 104 KB
44 KB 501ms
501ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=90&slotname=6165245991&adk=1845920765&adf=908614852&pi=t.ma~as.6165245991&w=728&lmt=1707486223&format=728x90&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223828&bpp=8&bdt=1053&idt=8&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8ebd0bb5d4fff0a1a0c442fb0e0d007be547dd97413e9a25b1e1b91193db690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44750
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 13:43:44 GMT
expires: Fri, 09 Feb 2024 13:43:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1ED3 57 KB
19 KB 512ms
512ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=1459714223&adk=101066548&adf=1227626363&pi=t.ma~as.1459714223&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223852&bpp=1&bdt=1077&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec7083d24205bc66e4caea47afb2ea79b1ace9a0d9e437f74a08fc956c765d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19617
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 13:43:44 GMT
expires: Fri, 09 Feb 2024 13:43:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 80FD 105 KB
44 KB 688ms
688ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=90&slotname=4108824645&adk=4077765493&adf=142128293&pi=t.ma~as.4108824645&w=728&lmt=1707486223&format=728x90&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223860&bpp=8&bdt=1085&idt=8&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x280&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=309&ady=638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4f3c995d52401948e3af0c2a85277c3fbdd2ff46f4d52fac41747fd700a4c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45138
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 13:43:44 GMT
expires: Fri, 09 Feb 2024 13:43:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 52F2 29 KB
11 KB 621ms
621ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=3953181476&adk=3359639956&adf=402917734&pi=t.ma~as.3953181476&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223885&bpp=1&bdt=1110&idt=1&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x280%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f393dc7a65b2b24b8c3edd839301790404c2a751e94bad04ba5088b010d7e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11666
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 13:43:44 GMT
expires: Fri, 09 Feb 2024 13:43:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ 493 KB
197 KB 136ms
39ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbly.com/
Origin: https://imgbly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 14:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200774
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 14:35:50 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 221ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-S96N80QCJV&gtm=45je4270v886261664za200&_p=1707486223929&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=162039224.1707486223&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707486223&sct=1&seg=0&dl=https%3A%2F%2Fimgbly.com%2F&dt=Imgbly%20%E2%80%94%20Free%20upload%20and%20share%20your%20images&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2084
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S96N80QCJV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imgbly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 225ms
50ms Ping
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S96N80QCJV&cid=162039224.1707486223&gtm=45je4270v886261664za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S96N80QCJV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imgbly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 239ms
65ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S96N80QCJV&cid=162039224.1707486223&gtm=45je4270v886261664za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=65573497

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 165 KB
56 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/reactive_library_fy2021.js?bust=31080932

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

474e2f5ce1640e60058c8c72f84b8585381cdb81e62d85d3907b9aadcfbf0eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57067
x-xss-protection: 0
server: cafe
etag: 17757437066664798812
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 13:43:44 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ECA1 42 B
63 B 76ms
76ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D4L6QUXRqOl6y82zAW-ca1KUvwEa5bsaPNcL1LRo01rwWdeWULp_DxpwPHbCoJntw5zioUz5azizwapEg3_EydxaxWo6v6RiVptfmspzo8K-mtW7o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=90&slotname=6165245991&adk=1845920765&adf=908614852&pi=t.ma~as.6165245991&w=728&lmt=1707486223&format=728x90&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223828&bpp=8&bdt=1053&idt=8&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B86E 624 B
246 B 77ms
76ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNVx261htZJM7U1NOjnWHXDExpgX9icYhSyhRPTKITdX6L7UmjlbTbfImRV5ovCq1WSk50ZFahJz85RCe7HspeJ5SXMWrMpQBKlQzx0RaCoKyu_m7RoTGsJuSWW_z8KVNcvS0zVucwzpo6X3ABd3ASTuZLHxT_AI-VFPj09cXlH3HIo7frs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=90&slotname=6165245991&adk=1845920765&adf=908614852&pi=t.ma~as.6165245991&w=728&lmt=1707486223&format=728x90&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223828&bpp=8&bdt=1053&idt=8&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=13
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 13:43:44 GMT
expires: Fri, 09 Feb 2024 13:43:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame ECA1 111 KB
39 KB 140ms
39ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 00:01:39 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame ECA1 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 02:59:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame ECA1 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 02:00:25 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame ECA1 41 KB
14 KB 164ms
76ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:14:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:14:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame ECA1 3 KB
1 KB 138ms
50ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 08:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 08:31:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame ECA1 20 KB
9 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame ECA1 205 KB
62 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 14:19:17 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame C4EF 93 KB
38 KB 271ms
85ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=1459714223&adk=101066548&adf=1227626363&pi=t.ma~as.1459714223&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223852&bpp=1&bdt=1077&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 56a3cef734f0fe9d757aaf0a3c7f46176eadf4f87f41ab8ea2ee4d2f82733381

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 09 Feb 2024 13:43:44 GMT
content-encoding: br
last-modified: Tue, 06 Feb 2024 16:37:22 GMT
vary: Accept-Encoding
x-azure-ref: 20240209T134344Z-nb68mqnpd54uz6nhrmb5pak35g0000000b0g00000000s77h
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3cbbefc4-801e-00bf-6f1b-5995e5000000
cache-control: private, max-age=3600, stale-while-revalidate=86400
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 64846142

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame C4EF 80 KB
27 KB 196ms
49ms Script
application/x-javascript 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=1459714223&adk=101066548&adf=1227626363&pi=t.ma~as.1459714223&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223852&bpp=1&bdt=1077&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 13:43:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Sat, 08 Feb 2025 13:43:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame C4EF 3 KB
1 KB 121ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=1459714223&adk=101066548&adf=1227626363&pi=t.ma~as.1459714223&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223852&bpp=1&bdt=1077&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 08:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 08:31:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame C4EF 20 KB
8 KB 113ms
44ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C4EF 205 KB
62 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 14:19:17 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B86E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

43 B
343 B

80ms
80ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNVx261htZJM7U1NOjnWHXDExpgX9icYhSyhRPTKITdX6L7UmjlbTbfImRV5ovCq1WSk50ZFahJz85RCe7HspeJ5SXMWrMpQBKlQzx0RaCoKyu_m7RoTGsJuSWW_z8KVNcvS0zVucwzpo6X3ABd3ASTuZLHxT_AI-VFPj09cXlH3HIo7frs
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FpxUSJgzqtb4hJnKYG1V1xJr%2BgFewyq61dDATwIBgS5uHSHo5RUhJia0vIepIC%2Bb44qM8IqE%2BFsg%2FdYnTwO0E2GBKZl64c%2BWYTGzJUfJx3RRAi04b694g6%2FNbLaF4uQ1xiLQV3mZ8EXEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 852c8b07df8d452e-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B86E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcYsELmqPS4AAAvXABrfmgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

43 B
738 B

70ms
70ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNVx261htZJM7U1NOjnWHXDExpgX9icYhSyhRPTKITdX6L7UmjlbTbfImRV5ovCq1WSk50ZFahJz85RCe7HspeJ5SXMWrMpQBKlQzx0RaCoKyu_m7RoTGsJuSWW_z8KVNcvS0zVucwzpo6X3ABd3ASTuZLHxT_AI-VFPj09cXlH3HIo7frs
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8R2ZUL1r%2FwE1m%2FmLdJGv5FUYok0zFAwT2yw%2FdS3CEqRH%2BxO18G5C0acM8bUOc11GjiXKIZCHB7u1%2BuBkq4kUXPshcse3Re%2BQIiw09AmotvCgq9IYTyGSHDVOggUhRNI1ElbzBDwonkZvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 852c8b08dd3b58de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame B86E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoGaEZa_oJG2tWaXi_xl8A&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFoGaEZa_oJG2tWaXi_xl8A%26google_cver%3D1

43 B
1 KB

46ms
45ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFoGaEZa_oJG2tWaXi_xl8A%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNVx261htZJM7U1NOjnWHXDExpgX9icYhSyhRPTKITdX6L7UmjlbTbfImRV5ovCq1WSk50ZFahJz85RCe7HspeJ5SXMWrMpQBKlQzx0RaCoKyu_m7RoTGsJuSWW_z8KVNcvS0zVucwzpo6X3ABd3ASTuZLHxT_AI-VFPj09cXlH3HIo7frs

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
an-x-request-uuid: 6cc12c63-40d5-4d1f-8508-74add8b141ed
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.107; 80.255.7.107; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
an-x-request-uuid: 5197a7f4-5c9a-4dd0-b68c-be6f60d6cbf3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFoGaEZa_oJG2tWaXi_xl8A%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.107; 80.255.7.107; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B86E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzNzY2NzI1MzkwNDcyNzY4NA%3D%3D

170 B
243 B

50ms
49ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzNzY2NzI1MzkwNDcyNzY4NA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
an-x-request-uuid: 698017d8-1b4f-4881-9f97-44364f98d33f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkzNzY2NzI1MzkwNDcyNzY4NA%3D%3D
x-proxy-origin: 80.255.7.107; 80.255.7.107; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/ Frame 52FC 9 KB
4 KB 42ms
42ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68125
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 18:48:19 GMT
etag: 9539045072340585784
expires: Thu, 22 Feb 2024 18:48:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/ Frame 5132 9 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68125
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 18:48:19 GMT
etag: 9539045072340585784
expires: Thu, 22 Feb 2024 18:48:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B6EA 624 B
245 B 80ms
78ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXYbnRS_-ldN2ngcFye6_HBatyEFpuZnioZT3I2ssWkjk4TgrO5t-VVhWoKXQcA9Hb1gE_LW1ZR-WJQ5qFDyXTnL9r5Rub8W3ilO51IcgZp25-JFj469NpeDerF86Pk2cSm-VMZRWXHWu2YgBT9hcvb2qw6CY7yWRAlvgj8Mow95twqDXY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=3953181476&adk=3359639956&adf=402917734&pi=t.ma~as.3953181476&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223885&bpp=1&bdt=1110&idt=1&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x280%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=3953181476&adk=3359639956&adf=402917734&pi=t.ma~as.3953181476&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223885&bpp=1&bdt=1110&idt=1&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x280%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 13:43:44 GMT
expires: Fri, 09 Feb 2024 13:43:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AD32 93 KB
33 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 13:43:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame AD32 3 KB
1 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 08:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 08:31:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame AD32 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AD32 205 KB
62 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 14:19:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD32 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A9QvDr4r-1sGVMF1CPvvRMtposOc3GvKU9ZFI2XNYWbixmCSXq4XmwEdGHZgQUwSbh4d0zILLDmvNoeCMIitKwK3XqII7vKKe3U2hyu0RTf6lqbK4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame ECA1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db21c3de2eac72ac3f463f1cdf2c4b94ef234c8cc5c8c3937809abd3a1aa02a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80FD 42 B
63 B 78ms
78ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1yHjc_3Kvncq8uVJdMs9kFevusK_4JSnLUvhsfnHVdF47wICL9vG-gQmImowwtN_rEPAofhKB1JET-sp1AXzQuRfVOIMcgS-xcdQg0VqvqGwVeEc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=90&slotname=4108824645&adk=4077765493&adf=142128293&pi=t.ma~as.4108824645&w=728&lmt=1707486223&format=728x90&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223860&bpp=8&bdt=1085&idt=8&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x280&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=309&ady=638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 80FD 3 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 08:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 08:31:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 80FD 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 80FD 205 KB
62 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 14:19:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 52FC 5 KB
790 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 13:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 13:04:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 13:43:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2B11 14 KB
1 KB 50ms
50ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 13:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 12:06:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 13:43:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 2B11 2 KB
875 B 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 2B11 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 716E 143 B
166 B 41ms
40ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 13:38:59 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 2B11 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 08:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 08:31:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 2B11 20 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2B11 205 KB
62 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 14:19:17 GMT

GET
H3 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame 2B11 37 KB
15 KB 122ms
40ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 20:10:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 May 2024 00:07:50 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 52FC 16 KB
7 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 14359709190881042667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:47:02 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 52FC 205 B
229 B 116ms
39ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:06:02 GMT
x-content-type-options: nosniff
age: 135462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 07 Feb 2025 00:06:02 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 52FC 604 B
628 B 117ms
39ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:01:11 GMT
x-content-type-options: nosniff
age: 135753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 07 Feb 2025 00:01:11 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 52FC 22 KB
9 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9451
x-xss-protection: 0
server: cafe
etag: 11136001603933606047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:47:02 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8555 624 B
245 B 76ms
75ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLu6_oYCMAE&v=APEucNXqy99SooYJtXWlPwOhdKCYYbWDqxADlbN052bNCzrtnIfCldBSsbWyrkY7_0IPb3Wa5uKYfKZ4Zfuhdg_2SgXgcC3sal7FBD1Rvfi1-BFyQMhHl2CzqZCVYcnIFlKphsJi2wniqxitipSLaIqXdEUZDM_xmWNSZXFg2CgNfr7lxRWzinc

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 13:43:44 GMT
expires: Fri, 09 Feb 2024 13:43:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7353 93 KB
33 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 13:43:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7353 3 KB
1 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 08:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 08:31:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7353 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7353 205 KB
62 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 14:19:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7353 42 B
63 B 74ms
73ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BB8qPcCR2SvgXamoQnvzh_U1oIOiks-VPe6qgeDM3mInJhzTv78Ng2dkJffM0gsHc7dO-mJScZn7Wh4dh12SXGlkxlJ-JcZ4aLoub92PPkRIuNnzo

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3E0E 624 B
245 B 80ms
79ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNUMhyWNPZEHU9jMgp2_XRqZ3KRrbYjRNJx-otlC2pedfBH2MphrNamjRet_TeXNME0xM2UppLjaIw3Rpl8uBxpIbO6Q3LD7hQk5pEbCQrham9ePU4Uu4uWgIZ4Mw1QTsv45wWb_bZ4k4VjH1hE5UbrKQYmfdzbwf500vHon3usrPkoKsOs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=90&slotname=4108824645&adk=4077765493&adf=142128293&pi=t.ma~as.4108824645&w=728&lmt=1707486223&format=728x90&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223860&bpp=8&bdt=1085&idt=8&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x280&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=309&ady=638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 13:43:44 GMT
expires: Fri, 09 Feb 2024 13:43:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 80FD 111 KB
39 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 00:01:39 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 80FD 8 KB
3 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 02:59:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 80FD 23 KB
9 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 02:00:25 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 80FD 41 KB
14 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:14:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:14:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13832977830756705968/ Frame 2A3D 10 KB
3 KB 120ms
39ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13832977830756705968/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4a1649f2ffaf92d39b46ffcc2b2d42d21f1645c30bdfacecf5c949d40d86094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 135490
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3522
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 00:05:34 GMT
expires: Fri, 07 Feb 2025 00:05:34 GMT
last-modified: Mon, 15 Jan 2024 17:32:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame ECA1 0
0 195ms
82ms Fetch
image/gif 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssaa8Da5IjB4gdnyKDEAjaLqhJoyGUMXOO6tYf5IKnE31ZYuXGLhXS4EZkfVzGu5L38YqpnOZHlDvL-EepyzKJUORe4m9RDPLHhSyUrh5pfXYMPzrVTJQfI3_S0UiC9KmdqSjbtK_arijdqP96M9plqW_syf0JB96fxzaSi_gHPQOJ260j8uFgsa-PNORDcjiLpOlZY5sAPKcibkUGjm8znyW7mVBrUSANosLKWL9CKPpo1c26Jn_7-g_xPYBcT_pj8OwtBP69XcHTxBSPH6dAg71rYtHC0kGKtNx30LyNe-kG_AFQB5Bl4G0RF7XNt7R2wJZzD8qUtMHYvfMXgWsAqCLFc4Uu29vB28XsUSKZMnl7Bbr3ckfTgggn-mJK0hgDpXX2IgQv7wo-fw3tkxtSCBpShHYLO5eDJNmv5GJUpMx9bT1MaH0y_X9gVMKErUm_vQ0tO4qjcsnxQ2MQmZV095D45FdhVq5IqDATAXS4SvJwaE718BG0Pdg8mcG8uPq5bYxJI7AvPWq_R4L5_Vw7waGS2kn5Ic86BDse4hyMt6hmpANAYbYK9u_Dl9kA5bIWAgRA6HYBoBqF9WR2Tg_XbCSGeLEbZB764jMy2vEYnsOOPhK--O6WNOsHlioIhRaiLb4hZToh4X17M_ps984Gqbb-LJPTEKs_ub5h_VqkJbicFDJHEr_sYBMA2aHqvtBYzj29LsESFHyA_BqS3Oi6EEk_0lZqfPAZ9Rr4_zYX6XHCCIzv4Eq2YdkaR88DLjO_xj7zYVG6dUxluB0Z31japwXUBkSKIGdkymTLKVTaC8MyIKrpx2quOhMhaXCqb3t9YHdsFz-FXpPlHYoViNkc8QqW79InBGDjKFP0Oql0UwRHF-cE2JOXar2DSMA_U7lGRBUUXkKCwaTuraJKAXO3owi98TYUua4m5g7NzZFglqPApm04GTOoEd22c_fLFIkeWMBmX3jr3iBB4vJ4377AKdjfVJDY8shzWI3VJG2s-o1jbIpfxXg6uZl7yvcK2yx5SI1pbBE1klXJLZwmntgqX3Q5mdC20zp4oROkBPy-cku5WevNVrPWB52bU8BP2XxvU0Ztv9qgMn8-zrjy7l4FAmwM2h6DA59DLYOdJCL5sRpZtgSQqip1rJ7kGq3Gk6FI9Z2rfV_yR-eYuquvpCH-QRff_ABlXa8fqDAGe1s1zzKlnrgUv-0-u28qfMMWizcD-kmrdCc2XqliaODc5gL-5_x4IZ4vh5ByjJu6wOCo6qC5_c4zChdMhwRDA7RfNpV7paiY8Bx85O_qeMdO69Nzr8YZQh1kLLzAEnoOYLKp8XFrcxgm5&sai=AMfl-YSGR2qOnPqcXaNUYnDTpxPaYC15KIMCXq17fEEuWRHcbxSRZgUeKm3GLsxWh0rvLI7AyzLoKihXz3VAd-TPbYcjp3wOf2-8NqMNMEA3TV5hRLqitdGjDH1LnC9FLm-FT9-AO2Kx2PPuQHiZIF6XM7sEWhOrL9YaiK3MA5wydyMm1H28ed52FE_FsyTAFEBzPObKGrJoYX_F17_9vWsuqshX6GV0oSdMrjZdQ4hdlSREmscZsEKGhcKi2W9T5WCG7pbq512FCZoL4krlzfPbjiuo8E7sEmxf0XOTdXDvQr-zQCtpaXH4X7Pz5JyB4Lbq9UiVQIZ7R_GhB2Hx-EIAMKWwtIcURIVCSwdubBePiQYPQ77O54uHZsU9aqhBVvA-WH8pjUhBwT__XjmBnQW2NPJFHq3C8_6FmGIvmWiWxcRLlB3eSUY5iY6sYfCPc-_ACvegwZaPz3b-_6ABgP_g-OO7c0tqErdWxkdXoiDNtOHvPJUU8JJ4QOKHT-EQx6YJ71l5DJNkrbFMVQ&sig=Cg0ArKJSzGH_ihWXj2OmEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hZGQyLmRlLGh0dHBzOi8vZWJheS5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=313&cbvp=1&cstd=287&cisv=r20240207.40218&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Feb 2024 13:43:44 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 09 Feb 2024 13:43:44 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F2CB 38 KB
13 KB 39ms
39ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 135035
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 00:13:09 GMT
expires: Fri, 07 Feb 2025 00:13:09 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B6EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

43 B
735 B

77ms
77ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXYbnRS_-ldN2ngcFye6_HBatyEFpuZnioZT3I2ssWkjk4TgrO5t-VVhWoKXQcA9Hb1gE_LW1ZR-WJQ5qFDyXTnL9r5Rub8W3ilO51IcgZp25-JFj469NpeDerF86Pk2cSm-VMZRWXHWu2YgBT9hcvb2qw6CY7yWRAlvgj8Mow95twqDXY
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nih4pGji6yhQL1e7id%2BiKQo8bLe%2F%2BpNvw0AjS8bjuhcnrGYcJczxVaiKGulBjstKTKFxsEiXYNzRwpf3SZHO3uEB3nlo%2F6CRsgLpiPcm4zXAGLGfqXtpNgagbavZ%2BwMHnghUasy7DRL2ww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 852c8b08dd3d58de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B6EA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcYsELmqPS4AAAvXABrfmgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

43 B
744 B

63ms
63ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXYbnRS_-ldN2ngcFye6_HBatyEFpuZnioZT3I2ssWkjk4TgrO5t-VVhWoKXQcA9Hb1gE_LW1ZR-WJQ5qFDyXTnL9r5Rub8W3ilO51IcgZp25-JFj469NpeDerF86Pk2cSm-VMZRWXHWu2YgBT9hcvb2qw6CY7yWRAlvgj8Mow95twqDXY
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UYq177SbE1Ugm9amxDKm167d1wHL5qu7IpuE5EY4bMK1Wukt0ruMxcV8%2FF5NgzbWW55fY2q%2FuJSZ%2FjSOS82a%2BokMZag6w%2B6rIesFhq%2FJUZNR%2BvigOFPOYRQ%2FJPczmqZ%2FLxOhBl%2FmpTOAw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 852c8b095e2258de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame B6EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoGaEZa_oJG2tWaXi_xl8A&google_cver=1

43 B
1 KB

44ms
44ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFoGaEZa_oJG2tWaXi_xl8A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXYbnRS_-ldN2ngcFye6_HBatyEFpuZnioZT3I2ssWkjk4TgrO5t-VVhWoKXQcA9Hb1gE_LW1ZR-WJQ5qFDyXTnL9r5Rub8W3ilO51IcgZp25-JFj469NpeDerF86Pk2cSm-VMZRWXHWu2YgBT9hcvb2qw6CY7yWRAlvgj8Mow95twqDXY

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
an-x-request-uuid: 707cf775-d113-4082-86ee-e31760f9e3a9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.107; 80.255.7.107; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFoGaEZa_oJG2tWaXi_xl8A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B6EA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxMTY0NDk2MjM3MzY1NDc4Mg%3D%3D

170 B
188 B

49ms
49ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxMTY0NDk2MjM3MzY1NDc4Mg%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
an-x-request-uuid: 6ed4671e-3470-4bcd-b434-bb45282e9f82
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxMTY0NDk2MjM3MzY1NDc4Mg%3D%3D
x-proxy-origin: 80.255.7.107; 80.255.7.107; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD32 0
20 B 70ms
70ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7404615732059&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD32 0
20 B 70ms
69ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7404615732059&version=m202401290101&ct=77&x=1&cor=1683256605574566700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AD32 20 KB
13 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5L5a0HSiHqQG4BaaUxN-mk87swtn_MorVHFGfDLwW3YzE2mta1vE8-uF0M-zvWyfAVOHypWsYVr81tlS9i68eH2Fnm7tcFCpVRJFyvMbmPw2wmO18NjMcLIDAYbX3Sk3C5lyYGLlgqOP51WTht5rHf8ONx9Nw8veuRJG3qBJ1ldGm2vk&cry=1&dbm_d=AKAmf-CoVw5oF4mYhWBH-1tbeaHk5yU5imnkxP7SCj2D9LBboirxl3xBQ35I48fRiP0J1yroqcL54ichjZJFbpvFfTs6Ada5nP1U3CDPmCfHUWHz2MemWjTtinuJSxo1gWMxP3xhD5nnzA8vungN-8TOc2p4Hw838Ive1oKqDcsDcPztWZKUlntxMf6PuyLvYoezPKtznoGHt5H7y0B4OCf-LtiPYe8hMXZ90msK5HSmc81gbKuiLRSUNXi_xkrJtzXkI7i9GiwglDJBFFCrPMWup-zFe0rt72N0B3HxZcPUsCIht7FNC4RdMIHh7n6cCrpkF5iuI1e_c_pf96PiMgPMkCNyWFdU-1Ae-pkUVxlFoYlzySEAoN4g89DLy2Ns8eiC07VHcjqNMqDuNPy3tN-7n02h0nxaKgHA5ZHxiylpXC60Y-E5oLhAjZoPQEUTRnQ1YNPqqks7DB5qV7J6_HOenWvVCNcg4trvPMFGu4K2gbftlUZRzhhxV_qspLc-UZ5chVv3NiBT_ZZU3Hd79h3nU_IZ-mz8ysXxrMOgGxfSJ2VcmYT-gjWftrCnJB-0KwebSzVv7s71itPfgtXUiKrsBgWidGyWuLxNB6brwsBMxABuwjNsO185m0Mt8uRqpgeewVpZz49V1rjk4rxl6vYJpFhVfuvw7x45wIr2dbPpEsTXkORQB6K8zxgnuwqaVS4FtX8_E-XLJbkQkLcpKSxWkUpByLzvphtKzHv3FXa234U7Ne0y5QzeZhRyo5o0GxfBbthto7RvJbNuhrLDpoqDMjcgUY5Cu3aPlrC6i4AgOCinROHCYjnekMH_tt4DPvvclhSdJwlPVjuBinwwTYXdnZ9veHMMfgUlpuPGYbshGyCqR8eG8BO0A5zxEcZ_RjjJTzA9JnDdQ75_Nbx5uYZlGvY1E9jEjzBvm7U9_nZwV5qTgyeTlLScC2ZRm8KWACf7I0aJ6J12OLMAduvvehjEd6fkqBP-9dFZP2lXm8Rt8xT89jX5_O5hpMTnR1670Y9cqEebjFP2ZMfSa3hOSpCgZzbOtWICcgujlC2KJ_3MbL-aqs4fpo1K05VX4kk6QYBLJ5zn-cyi3cIUjFqczxJuXLYRob6kcrOK6NaSPPuxWFmIg5KhxJVLEaQpiW3bdlRavgi1_G2XMqbQTQPuY5I4uR4671ctsjEWESQVqRSJqRQz6HuD3z73eVv2Y7dP_0-57WSL8KUjRWgUkBTwdXTDHOmv8uKELbhc7SpcfXye6bMO3MSeu1eExNodSjSp7g2o0zfMkCfKKZUEi8s4lx0Xu1oYZ2uufz1UniGNcXMfl7rcSV7Giy2fcT7EkY1N06_G5k7TyMq1pV7mvhlkJLElXzunVVlhiHqmnIDSTko7hMoRhTNGc-aTtjuU0upyGYvmdZqCTK-PJP6YQ9DF3mwPmsyHlZY3ZKD30T1Tz2bKnImJkesmXuhvtSfwFiJqIv3CW1TnhIamw_haOi6N3JzKbZRNn3Gsz4g0n5UR_fGCvObQK6g1g3n8KnyMrOiiYW9FXMvjzY2vB5PAbLg0UA-a18GeR1LHKkUqRx3ECFy7GHrUOaxnVh3gaEX7-cxxnADNIk0mFVgDa6y3X3PyUwEy_pcUKUo0AK1FLEJRROGnXgOUcrVAzP8qh1xSvMp0W6lOJ6yQcDq-dYwlqmLInXTcjLwxPGmjKeNrd2PtYv-GXbDcplh_cgU0JFTYWK-yI4ZZhTx40YfaZwTvBo_9CPFKJ6b5ZKAXR_mGczzXMmb7ajWpfd3_yvE1m38EeTGWSFbgJ80rkgtNQOEYVbgJRdI-NiGEdiOYepIGjnRbGDIIdXklX-B-wogymz9otOdAOXsHRTEgD_T9-JRJePec7hs_7ymxkDhNZcRkL4rp-J9BCrZJmZJ2KCxc0qTa23DuxA_gxtzOarp0WzQOTG0hmRQKgfwc-GfHcERPBeGkqem4IuSy_M1fWW4w284eE5mOIbfo71DACfU5DngidosZiUn8gXoX5skCid8m6jrOStblsMU3R0TD7WAM5T5557TyjXQy_mjZjAJIWFGuxPRA6euGU1AubPs6lpCWjmhjpTPUT6q4HT7QjqkfrWGWavgJBbFTaj4oxj9Xg4-YWsBi3Y9ZBvpRKLVg1dR25NzYB_XF_EUHO-3c80_Ov7xbuIzeuMPK7gTzwpgIyt8sM9D3mn1On3u2hd73rWyztIT8VjWaPPz5XQlBOhIX0UMPBgzCwg7jzCSZBmV0WNYljGidey_2vIadoIakkZenTCSBco9F6cr_yOeK3VulXbVdlitfA2QFRDoEBPWI2k_VAoHBrkNfhbcxeikV_S7PopAhBxITUdYEu2ZBSiWN-xs8VLINASXowoPp33p-lO5stVtP3Tp0mkiJH8suQalgUNH0r905DFzUfBLWePSkw2OdzxTgCYrMFxC59E-CGgiFgfApSH1nPJ_iVqobmpYZ8eJzHml4w27nXFI2moHuOFlKXshc2hAPCzgxYlS611BA9QZG32E_rPyIMIh9hShEkd40NnHOZh1xkCJQpgbWlyAju8fyLbelh-E4mCSvBEFtue5BxgEKzIzOlQ-RLSCxiSZYSOHVefRu87Pm7Lu5RCEikWNjyI3uP1_D6hzXrvaixuVnp_DnBhkbCKXwNnIl_IULIBxjOvcvDlvJDDs-Sm1G2HOUw39fuOu8r2IdiHfwAL0z5XeUia99A2SupmFBOaxABD0Dyz_VVn78_ZIS9wC1y4CBZMWG_LEKxJvmVCYyKx_hnEUiKE1bcItpW9edTe0UJiKiy5_9eeJ8xpEKTJASeZUSgw19o1gxBpxU1tkqHAXDcR0ZkwfHnrRFMBHziYAuOZ3qtvNTZKNElFlXN1wMSST5HyEH_OdY2XJ03rG4ZHXQ3pXqw1EQTkG4QgHW4hHuXLz8JFZsHPjsUmM3DSHYwgpvxC-GIJU7tl1bTyI_WHqxt2nSw3lx63GQkMkcxSDDnopD3VIKyIMuQlVHWpfFX9btYrXBTEkjtrFpoCANSUVvDQpPYg6CNalyveLM57_W2Ul89DT0DAw7t5Nw--ye1kTiuxeYn9J8MHPB-dglMODxaArDV4ghh8N_JTLsPxLmC6-hN7UzDt1pUpCp6JhTkHADvvxXpnlTqjpKf66RdWDWqOdp-B5izYHprH0EbMIUJXDwEAn0I6ED14A0cfLTpi744H41F4kX02jVWsj67pBqMlV4uxIegyuCx31Uusxf6UdJTvze8k65n8c22v8mpUjVIRRLVd-9WERlJHJk1euntIoKMv04_SxdFOWtwXKbiScBeBSaBPW3NBELPfMxYPO66GyrgPdHLNKDgKQkg6_nqBDewDe1kwmHzA_w4IEHPRygWrLHluiL_CVSJFTtaXaD8uOEv7kT30Bc8xrTCsDDsOfM4nobFfLVPcBfowJLwNIhW1_2tifzyRn_UlFBK58zwCSAFoKazZF8W2uSYMkNum00VnRgYksicftot_I9I-ShoLcA7MLWghIbL0-PFApWUgY6k_KB1m3lQskPVlLcHl1jYba61MX21GoiseItDGYTdkP2lZnDSNXuZ_zgGIlw6eaPP7L-0F4Hh65pNhS3JLKZyEso2Sg3Rn58lLz39cc_599lUpVV5vvIIggS4TDZzFU9hhr_fxbcPVD-HuabbwRKwK-H6w7www&cid=CAQSTgAvHhf_krXx3B6MtinebL5DPxO6hO0XHdEMbcv0Ap4udmnTFFVD2FiS16Moytvo-BD2l2JsN1XX2M8I_aRDVRyZ7qvm_jFQ8QYNfnUobhgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fimgbly.com%2F&ds=l&xdt=1&iif=1&cor=1683256605574566700&adk=1726166463&idt=87&cac=0&dtd=28

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce6e678aa481fc8da94f8ac84d1f1ceafe50780e299264344ddc86529327429f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=3953181476&adk=3359639956&adf=402917734&pi=t.ma~as.3953181476&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223885&bpp=1&bdt=1110&idt=1&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x280%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13710
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame C4EF
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=eb7834d9-afca-4778-a746-0efa8f94f4b8&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=a9a1b43c-8119-4140...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=cafb7a5dbff844f8b35da77a5200f69a&SNR=1&GV=2&med=10

0
548 B

99ms
98ms

Image
text/plain

2a02:26f0:480:22::1726:62d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=cafb7a5dbff844f8b35da77a5200f69a&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=1459714223&adk=101066548&adf=1227626363&pi=t.ma~as.1459714223&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223852&bpp=1&bdt=1077&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=3
Protocol: H2
Server: 2a02:26f0:480:22::1726:62d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BF9D41470C0348D99EE49F8E88018B37 Ref B: FRA31EDGE0106 Ref C: 2024-02-09T13:43:45Z
x-cdn-traceid: 0.14d53e17.1707486225.10620cd
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 09 Feb 2024 13:43:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D64A4CA214484DEAA080DD8696E0A097 Ref B: FRA31EDGE0515 Ref C: 2024-02-09T13:43:44Z
x-cdn-traceid: 0.14d53e17.1707486224.1062047
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=cafb7a5dbff844f8b35da77a5200f69a&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame C4EF 14 KB
14 KB 170ms
46ms Image
image/jpeg 2a02:26f0:480:22::1726:62d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215898042300_1R7CU2659CV8KJ5JKR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=1459714223&adk=101066548&adf=1227626363&pi=t.ma~as.1459714223&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223852&bpp=1&bdt=1077&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c8d717c76b14aad6c4fd6c99b7fe803e15a53537cba081a433c8e94b0ac74ce5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:44 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.14d53e17.1707486224.1062046
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 14089
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame C4EF 0
969 B 61ms
44ms Script
text/html 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fimgbly.com&e=wqT_3QLmA-jmAQAAAwDWAAUBCJDYmK4GEOLp3Mnc46L7WxgAKjYJYUdFvSFehj8RfuBxSPcNhj8ZAAAAQArX8z8hfg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4xvEFgAEBigEDVVNEkgUG8OWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEmh0dHBzOi8vaW1nYmx5LmNvbYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX_8ruM9vWt_SjABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW98yn6BQQIABAAkAYAmAYAuAYAwQYAAAEjLPA_0AbCjQTaBhYKEAEQLgEAdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHxvEF0gcNCREqASYM2gcGCAUJnOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=e20557be450d61bdb6eed07e99ccbdaf5d526206&bdref=https%3A%2F%2Fimgbly.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fimgbly.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3860072030774975%26output%3Dhtml%26h%3D280%26slotname%3D1459714223%26adk%3D101066548%26adf%3D1227626363%26pi%3Dt.ma~as.1459714223%26w%3D300%26lmt%3D1707486223%26format%3D300x280%26url%3Dhttps%253A%252F%252Fimgbly.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707486223852%26bpp%3D1%26bdt%3D1077%26idt%3D0%26shv%3Dr20240207%26mjsv%3Dm202402010101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D1814987950648%26frm%3D20%26pv%3D1%26ga_vid%3D162039224.1707486223%26ga_sid%3D1707486223%26ga_hid%3D1194607033%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808398%252C31080780%252C31080820%252C31080886%252C44809005%252C95322745%252C31080932%252C95321957%252C95320868%252C95324154%252C95324160%252C95324262%26oid%3D2%26pvsid%3D524308427401298%26tmod%3D1728592833%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpenEr%257C%26abl%3DCS%26pfx%3D0%26fu%3D32768%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D3,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3860072030774975%26output%3Dhtml%26h%3D280%26slotname%3D1459714223%26adk%3D101066548%26adf%3D1227626363%26pi%3Dt.ma~as.1459714223%26w%3D300%26lmt%3D1707486223%26format%3D300x280%26url%3Dhttps%253A%252F%252Fimgbly.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707486223852%26bpp%3D1%26bdt%3D1077%26idt%3D0%26shv%3Dr20240207%26mjsv%3Dm202402010101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D1814987950648%26frm%3D20%26pv%3D1%26ga_vid%3D162039224.1707486223%26ga_sid%3D1707486223%26ga_hid%3D1194607033%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808398%252C31080780%252C31080820%252C31080886%252C44809005%252C95322745%252C31080932%252C95321957%252C95320868%252C95324154%252C95324160%252C95324262%26oid%3D2%26pvsid%3D524308427401298%26tmod%3D1728592833%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpenEr%257C%26abl%3DCS%26pfx%3D0%26fu%3D32768%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D3&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
an-x-request-uuid: 3209a8a9-25f0-42c5-9b97-f7c0be7dba90
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.107; 80.255.7.107; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 80FD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b19b992875883d896966e397311190d3395a1618e6c167ee0f88bb9395c3cd6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8555
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

43 B
740 B

66ms
66ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLu6_oYCMAE&v=APEucNXqy99SooYJtXWlPwOhdKCYYbWDqxADlbN052bNCzrtnIfCldBSsbWyrkY7_0IPb3Wa5uKYfKZ4Zfuhdg_2SgXgcC3sal7FBD1Rvfi1-BFyQMhHl2CzqZCVYcnIFlKphsJi2wniqxitipSLaIqXdEUZDM_xmWNSZXFg2CgNfr7lxRWzinc
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fEwFGcV6yxit%2FtgNdUy2J%2Bsju2%2FA24jEpQS%2B20MDiDuO7N2mT0CID6l9Uema3%2FnDVGoV092p%2BMIZI7%2FlP5JO7Gj5McpuPuTXBIPU%2Bml5gt8pNZrMXTAQkuM7FrP8wuflffGPSoYjW1tgw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 852c8b097e4e58de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8555
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcYsELmqPS4AAAvXABrfmgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

43 B
737 B

70ms
69ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLu6_oYCMAE&v=APEucNXqy99SooYJtXWlPwOhdKCYYbWDqxADlbN052bNCzrtnIfCldBSsbWyrkY7_0IPb3Wa5uKYfKZ4Zfuhdg_2SgXgcC3sal7FBD1Rvfi1-BFyQMhHl2CzqZCVYcnIFlKphsJi2wniqxitipSLaIqXdEUZDM_xmWNSZXFg2CgNfr7lxRWzinc
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isStr30HEEysXLfkJ36F4IBEuPaWdzDNrh5Y1CpY7Fo%2F5LKUBhwR0DV41Z9K0VV8lh6SheGjCt%2FKbUp%2BYybPED3FNZLHO8kpsQczd6cTO%2FaNA04412EI%2B2VLjOhBOdbTGks9CmXPBrbLEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 852c8b09ff1058de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8555
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoGaEZa_oJG2tWaXi_xl8A&google_cver=1

43 B
1 KB

46ms
46ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFoGaEZa_oJG2tWaXi_xl8A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLu6_oYCMAE&v=APEucNXqy99SooYJtXWlPwOhdKCYYbWDqxADlbN052bNCzrtnIfCldBSsbWyrkY7_0IPb3Wa5uKYfKZ4Zfuhdg_2SgXgcC3sal7FBD1Rvfi1-BFyQMhHl2CzqZCVYcnIFlKphsJi2wniqxitipSLaIqXdEUZDM_xmWNSZXFg2CgNfr7lxRWzinc

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
an-x-request-uuid: d40dd1af-f34f-48e3-bb94-02dc573ff0f9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.107; 80.255.7.107; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFoGaEZa_oJG2tWaXi_xl8A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8555
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxMTY0NDk2MjM3MzY1NDc4Mg%3D%3D

170 B
188 B

59ms
59ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxMTY0NDk2MjM3MzY1NDc4Mg%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
an-x-request-uuid: ab16d8d7-593c-4405-96fd-1fdc443c9432
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxMTY0NDk2MjM3MzY1NDc4Mg%3D%3D
x-proxy-origin: 80.255.7.107; 80.255.7.107; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3E0E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

43 B
735 B

74ms
73ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNUMhyWNPZEHU9jMgp2_XRqZ3KRrbYjRNJx-otlC2pedfBH2MphrNamjRet_TeXNME0xM2UppLjaIw3Rpl8uBxpIbO6Q3LD7hQk5pEbCQrham9ePU4Uu4uWgIZ4Mw1QTsv45wWb_bZ4k4VjH1hE5UbrKQYmfdzbwf500vHon3usrPkoKsOs
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xG0xCZBvVBMvy5X4ZnMfCGUHd3C2tQ2A7RptDrI0eq%2BunvEFEZEV6KMoaQmbQWXtxWbLwDAlhSrLkmbkMwckj4pR77dUnm71%2BJ2RhUc7oYtXIZYkkX2Z%2FjQi7X5Y2p9EnRXIM9UcVr7rbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 852c8b099e8158de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3E0E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcYsELmqPS4AAAvXABrfmgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1

43 B
735 B

69ms
69ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNUMhyWNPZEHU9jMgp2_XRqZ3KRrbYjRNJx-otlC2pedfBH2MphrNamjRet_TeXNME0xM2UppLjaIw3Rpl8uBxpIbO6Q3LD7hQk5pEbCQrham9ePU4Uu4uWgIZ4Mw1QTsv45wWb_bZ4k4VjH1hE5UbrKQYmfdzbwf500vHon3usrPkoKsOs
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6ry%2FwME4jSfYR%2FIIOs2c9TRLmiUu6xXrRz8LzDe%2F39AIFPlqRuY0msAXsyctcjjsZLrRg5cjRfiHUCu9cxkOhIHnsyqb6KXs73tNd5kYvDVByfAYsN1NgphLTaSSaPQwD3nx1xX0%2FQXSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 852c8b0a3f8858de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKo2zkFmgpegp9HHbm8ZDYU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3E0E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoGaEZa_oJG2tWaXi_xl8A&google_cver=1

43 B
1 KB

49ms
48ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFoGaEZa_oJG2tWaXi_xl8A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNUMhyWNPZEHU9jMgp2_XRqZ3KRrbYjRNJx-otlC2pedfBH2MphrNamjRet_TeXNME0xM2UppLjaIw3Rpl8uBxpIbO6Q3LD7hQk5pEbCQrham9ePU4Uu4uWgIZ4Mw1QTsv45wWb_bZ4k4VjH1hE5UbrKQYmfdzbwf500vHon3usrPkoKsOs

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
an-x-request-uuid: 9dd3cafb-0ba8-4ac2-bb5f-00c015a02a49
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.107; 80.255.7.107; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFoGaEZa_oJG2tWaXi_xl8A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E0E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxMTY0NDk2MjM3MzY1NDc4Mg%3D%3D

170 B
188 B

53ms
52ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxMTY0NDk2MjM3MzY1NDc4Mg%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
an-x-request-uuid: abdc4c1c-4c05-4150-9427-e34552776957
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxMTY0NDk2MjM3MzY1NDc4Mg%3D%3D
x-proxy-origin: 80.255.7.107; 80.255.7.107; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 716E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

60ms
59ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 13:43:44 GMT
expires: Fri, 09 Feb 2024 13:43:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 13:43:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame DD58 38 KB
13 KB 40ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 135035
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 00:13:09 GMT
expires: Fri, 07 Feb 2025 00:13:09 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3160727161327022755/ Frame D84A 9 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3160727161327022755/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

767c8dc5cf5cd2806194dccd5383fe7989105da84bc0622fa8601aecf866dcc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 135952
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3431
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 23:57:52 GMT
expires: Thu, 06 Feb 2025 23:57:52 GMT
last-modified: Wed, 03 Jan 2024 13:24:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 80FD 0
0 81ms
81ms Fetch
image/gif 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsstbWanr6jKI9XqA6wUU8KQAxGNEUmYMCdvlnyWIrcpNV7oRuPX_Pe-wd2yJFDBv_1fnXwzZ6qLQirSCgfCPUkDmy8OMSIKVTmlMF6pSZokFlvlfQLgmzzFtOro_ogVFpYLKrK9v5727N8MohAgRiXZkBb7y0tXx_yOVVL7zwTjM6UHEEqWBguLTAEaF2Z5LaK1lzpncSzo-YhSz0BlOn5vs_lqp4PpaWQ4ZvlXxns1sCEClGu9orZxADfdsXC853SincwpiOLzRpyRBg0_uDQ9y2H-2jNU5KFh_ZGoIeCaiYDg8ufMLhcTy8Kuo7gbIFrDnEYH475LxMScIuQW3_96KVFnuZlao3Mp8kravc1r1W5FZYabgnuAi8aGUmqqhJGPO1UqWTqxSBJ7MOic5EoJ3eH2U1cMmIfreDrero4KVTf9wCr3BZAu3wDr_0gPnmJgzRkJesot2cjz59fpBNuwtx1I5BKovJXcpAXz8oz4010Qqzg0-EUJROkBOWbbeJZnEIQBRs6JqJoTxFUV7T_OvHyUHgAgzzybBjAaa0sOVcZVvQ28N8wKUEPqojAL6jGrmF3f0m7rXwxj2MvamnjItNn9mbhkgkg54G5ysrvxQ1lItcedVOFtHsz50QSCUthXuaqAeZXPjZGvbDzo5Zw9yLOXqqIn7HPC4ChZFP5IptWOG9LjvG6ybyWNFvTB-WQ_EZMA037Msqr9oqc2gHJd6S9oplzUiDOEjA528oFHbSrU6h2Mgs5cEuyi3xgvLSnVzkLhuz0InYyAo8IwYHOtwuYNveaT3a61zSPbnwBq8VyKgErv9sO3dLvp9lKuAAf749Yv44KWf3CT-RQtiLyNr1YAMGp4uVU4SaU9rEMLvYu9OX7Ddau9r9kYP7-sV08FReD916AoJxJqeIgVvI1SQvAm0lDqOa50rZIfiAZo3nfPKSZF-zBradvFlKrbUpuFzV6HOgp7SG2k4-JXuj7gMHHaB4ZjD7WgxzEGK6qNGqxgDFT78lNC2wS5c4VI6O9RiZ2Nz3iGSUZIp-Cotxt6QmbwzJqrEtmnpifWthG62pkteEGFDnkfpJtRX1dtjTkQRNi8TpDuiz_VsL-AqH4D8uCe-t1gllp6hekblVFdMRu4aXVrEUlUenWpYr3xilinRTJsmC1Zfw54hXCfZMsM-9i6YNA6rkr-ZyqiebcsZy6zmkMPuxktr3Lo_4uyWOLOaY2RozQrDcqpk9pc9SILRg9EzGG3NFCDz-MPOgRKyi9FQOXCuEW6blQOWGFYlqrBAgLu1D1K7wRsFwWAwXqWxlTYI76UQOJcRcNdsOteNKirfmXldUZBn-eid_w&sai=AMfl-YRawue5v_2VsGKv-hKGZvYqjEnS9rf0Oe7Ocp-cphm5L8bj8_5nlyVdSPuPzlFvWisvA0GGjC8GaonqxN8O0wdnPbp_3L4VVj9wpUb8EFhCEWE9Tdvhb6_AMB9YPyarjHS1iH4rypicP2c1MBwDgcQU9uGUcfL-O5pm19QTEfXjRlUzJZ6W5ML5MMI_mbpaJSHfNQp2H3w5d6WghkkTAIHYZReEi8GJqMn8c4wG3GtYt_2pdhOuvXW_AXw113CKhgkUoLz92brENu5xKmqpCW_5A7yTP_zRfKY_MNjqSqDBbt759CEkKySEAjsbLZO8lYmCgUGNI4bnjqc6RoUBc_s-0HTmVQqTArORTY4BPS36xtV05qwgiJk1DjtziOnlyb3fTc4HQ0wBtXasFkzXTO65rPnxuRe7WqOdzISyf1sfhcHi0Q40ZL1DZtM-zAbZxeIXyc_NyIr-uXqpRudzzM6a9e9e_iuhZD24oP-LduLAfrl5veuVkCrCIxwqdb4MTHn7celBdHAqbw&sig=Cg0ArKJSzH-HaJcb4yRiEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9lYmF5LmRl&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=199&cbvp=1&cstd=198&cisv=r20240207.62618&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Feb 2024 13:43:44 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 09 Feb 2024 13:43:44 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2A3D 236 KB
63 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13832977830756705968/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13832977830756705968/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Feb 2024 13:43:44 GMT

GET
H3 200 min.js Show response
s0.2mdn.net/sadbundle/13832977830756705968/ Frame 2A3D 66 KB
12 KB 41ms
41ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13832977830756705968/min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13832977830756705968/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

280dac1339163a43f2737772039670535ed371e4900dc26f2934bd0fd05384f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13832977830756705968/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Thu, 06 Feb 2025 23:55:03 GMT
date: Wed, 07 Feb 2024 23:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12477
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 17:32:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7353 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4386930457303&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7353 0
20 B 70ms
70ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4386930457303&version=m202401290101&ct=76&x=1&cor=9864038169005224000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7353 109 KB
41 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CcO3MsIWvW6EH3QZw8Nrs38VDCuV5UW6iBkQhgn-D_VmLNaE4WpuQq8CsMln7W6LRs9VSSe0YLgfM7FbsG_quUuznE4hSrzqPm3CnYgLBx_Sih4UMb_LzXL02D_3AtY_moCa6LqnoZZJgKwy0VjGkgF0C6eqY6OopT2VJH08yh9Df9smE&dbm_d=AKAmf-DZYsATXFbtxeZbgti6HiAoBiIm5tORFS5rnFqxJLcLwIiITWChsaIfNxQsRnfNhrlSPK7ps3CagDp-kX0vuK0_SZ54GAsZNT2K62fcr9ZzPfa3OWp9BzmzCHbHZrxrdJb8oUH1GHrcnFSnowrGid0xft-8oC5sO-0Q3KyuCkaiQirakeSPoj8HcOdDvQu4AwmjFgd-UsaeDKFGvHqohoRbtwP5D-8cdrOJRfQTQLd3mrnfS0sgrC8mUt3Prhh-FMSGkwkZx_0rhn2w2C96ah1Ip6nx962HsD6T4HghgXsbaBUtLip0BXMMi1oV0e0gnMgbCnDuaheKesX0NE7t8nTqlFYgGaCn4ncfFcIeUKdwUoDjCU-Em3W6PXbixIPNRJKI5dBJ6iNEw-Z3VXbEehXb8DgT3Ti4oJNTqTSVu5Cn2OKb4-oHWwpHJzTYEEjkBQDqlgOBgOYLiAW_9k6qsNMibxi3g-zrBpUEjGmTtWJVDd898Mr32Mbj4_g1jRls2v8aD5tktbxNwaXk564wM79uOUNIfazAVilKmQBTgf6ZcCOEr9kT0eJLk4vKWBVcrX20qLy_5RwOf9WmwV-seR9O6KHmDdL43REH0MHPn8ffKNU_oPKYwhv6tFETlr1xZTmvu0tWEHWhJBMIiXzwkciQ4js1l85xRaLv7evzao0vofi10uM3lt9bVbmpHE8wqSzBAxyJ6D2QQI-YcgT82-2_WojBb3Tz0pqUpuWwKIfTPX48-qevvSpbDGDmFM7-5gH_ewU-ypXOJoKt7qjrkiBWbOrG71HDb0s66GCO-AJdLRIEfT9qb0Tj2b7EgwryLKnaTddN1TnjBQKVGRp-X8H9-Z5bf2tjMLslz9quWDDtP-3JCP_DlcOBD31CjRWmXgeq-o8CId3YqHFVjvjOklJXwqpjGiDSa4Q_5yvMZ2pnG4hr1E0ELEkdycLX7Aywh7Y66YcRuBPyVp-0KshewpTepZXpKzTcNPDlAE2-3qcA0BWOoXWx6el9Cb-HcDoQYhNK7r3kuxrkTuR2e1S2HLipBC2c035e7FhO5VjiFiK8D-ghLkLs01C75tqZiJioa7fmEoDeeSrcczd-SXFk5SSPI0qSxN2e1p80DjqxOYnKx3ina6zfXQXkjd4FBl5e5duj7R56DRmveRWtODdvKRIrMyrOxmTIeVEwS_h4xPlXgnPVn-qWFbE7NouG7_2ktlQH1Pg0JjI-BCYcxdb-AhSmrIvU54CzjbjpXP2-kK23VrvmChxuQCuC6D8ZuVRGgUEcI3AxuEsHYKwJP0rV-SmCDGTeBPfNC15CKw0C2ugIricKSzFvKOLbUSg-kLWi18H3m1eDb0U79RJfPApgQDg1fM-XAbUlADZQtevwWEPt3c5QQ6g1ryExT36rU1guic4FHVaI8beu1932cSh7rZO-GYfX_Ih9rkLbVxMxVSFICLB2PX3Vg20JXqFi3PMjb3Yexk0Nvb1HZo_QpBtuRFO8xuQoUxpxqFlV0QTfZA8HWcUZuRxyGdHIZ1hZzVlB85-eMzz3JFQa68Sj1ZaqKyejWuPKST6qE5hXVbmw8bWYPmlvActooMW4f0kwH87LdofcH3amwuMuVfDpnCmSk65NA__zdy94izSa4OHSfRIS43BE-fsGlw7fuZljro1eLzY8sD12G-xW8Ajiw8yivg_cpLH_eIM6TRHjkdcpgkQko__izo9YTn3ZinG63fNepor_ShZHb7Lc97RxBIFYkCT6TxkBAuOdTp-XZ5bzdDDp_z52XOcpsSt-iqr9UX9gEwKir-pfUfiYfW6WmFfkj8SVsurUsDcX_aS7fll9CQF8otdXEaVFFLQr63zBNyF1QgLBsAm7sgJdlslYJIPXM7nNaW5UWkzSBfdt6GcT5Nwo3AJm8sQam8c0nMhESpyGyUGiDwdC8Jh6SIap6JUacQEByfaBCbWPfrVaK0VkoQLGN-WTNAGfPNYYJShXxsgDNy9DcSsZdUXSOuLLk5x2kc1NWv-4X0mCPIRkyk92ZdMLjBU2nSgiEdOPP2bXbyuWwmTuoKqMo6ToAn-P2JjkbEO_rf857htyZM7IpblRbzI_PBxJudG5R6i_L-k6gFA_57OcDEMP6zFxcgdE_4MTQb2baaRn1afCwfJoh8KVnNqPkm8S8koZ5rBRRRGMhpbGnR0IJLYf6oAsphCz4n0h15lr4bozgor6xzPbV_lYES9KXSQAFym30a843i3r3skqHRqZ96g27fGr9mJFZCxXhpxPpjD1CTUNPTsPr7PzH8FSApC1-x88-UTF2-2gGfq1xfzi8wh9UAg9AKq6Td6oF_C5iFCW7Gfg44migouZ2sQdZiih1UQOpOcK72CV19E1lIcUvcJGP3ams5ZYj9Xx_RB9KecahL8OT5mripiV4IfJQToyXFFbRKQipLeGx2mLylXGFZNJek0z-dXR0BCSowVZ4SEsWKs0ugGo2qVr2KOuzfHiLw9iiF5WccAG_XEsrS7Ltyptu_yUlEclVjhg8GyS7v-p8NMVwvf3kVJ1nlxmZqbpMrkh4kBQCsTJksgCpHazPgVoAaO9Ze8UWYXtW0BxriKd1nvezPUpDWvB0d6_PAHcvdFW8kH3MqdDAkOU2ESOSA5SEMYUIA69zXTXvXdM97h1zMm08ATjyO8gjlHxBgzsYHnaPsuJrIhydV0d1wucRKITYTuEp01sTTu7hVNmmYajGaXxqPG5yVWdyZSR9RSu4F1wgPJVndyLRFByGQh-EtFUrN0hj2krH-X9lxWwcxaUY0uYiediJNY45mlVD9WhrawC6ZZtmC1aHq6s0Qq_6OE0g_cM2vyOSxwSkmRn8yE_2VlTWkDiYoK0DPHWqzKOd7YwIkPYQCmg6R-Ndzs1nGxcP-OSdlSjR5HMLkXJHQ5JIDzsN_ZFaBsTclfjXXu996LS1IcHKPddmgHFhhrTXtEQpzXqM-aS1nTevwyYLV_qknQy7DLctdPTJgouwurMO2f69UOsjiytB2UYEEnf1Fynqx6fxSb7jtfrw7RyPyOIDCNw2TQXbPH4Vw0SH40uB2kZv1TLr2xIa3Bw8Rhc23qpZ8FEzCn1j5BkAAxYjrzVnI4vWqmKuoLmLh3NYP6mPBt67oX4v8NUDzJP6KYWIFCJ6Qw_msvU08z6comA05fC5tWHuVpp7YRcat-bxyO4hG3n_iAHObWzMveLbegZUuSTMJeI5nmDq2VoKfV4EXNgy-WTyO6Dj2GIIkD_AGvbikEUYDQQz7rU3L_VMzalYNTAXmOOOLKDGePxMPfkWRGeEpDOWrFsgx6nbU6Sd8XakYp-DaSAqUP51DbTngVjA73T7RfNyX2YXHUG64ZebegEccKXaHZqmksm36EmvGPPo3w1u1CjcTR9W50L9X2e2PIU0U16K0b9X1_jn32pgVuvnLbFTGwaKPwBbNHHl6ilYS2fGOfJr8VNqGGeHLAJnfTpXFp9cv-qEtq2VV5tXDs4LKhWeLpyI5Vrdm2YTzKUzFaYov15sydKS_UlByFtRknmHy7aoJ1phR58ACC_tm4RMg&cid=CAQSTwAvHhf_x4pu7uqbMHSrgQO49wXLXnFVT2RkihAbo3zN19gvEGqKJNWGtWAJbIAowxKLWQyZ1AvmcoHep7KSnfDjZ6rBTEdE-R4zLAcQ2S4YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fimgbly.com%2F&ds=l&xdt=1&iif=1&cor=9864038169005224000&adk=1877897942&idt=90&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4fdaaf3267c45c95f6a20b03673d7843cd18a0676348520cd93e0bdc64c2a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame AD32 41 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5L5a0HSiHqQG4BaaUxN-mk87swtn_MorVHFGfDLwW3YzE2mta1vE8-uF0M-zvWyfAVOHypWsYVr81tlS9i68eH2Fnm7tcFCpVRJFyvMbmPw2wmO18NjMcLIDAYbX3Sk3C5lyYGLlgqOP51WTht5rHf8ONx9Nw8veuRJG3qBJ1ldGm2vk&cry=1&dbm_d=AKAmf-CoVw5oF4mYhWBH-1tbeaHk5yU5imnkxP7SCj2D9LBboirxl3xBQ35I48fRiP0J1yroqcL54ichjZJFbpvFfTs6Ada5nP1U3CDPmCfHUWHz2MemWjTtinuJSxo1gWMxP3xhD5nnzA8vungN-8TOc2p4Hw838Ive1oKqDcsDcPztWZKUlntxMf6PuyLvYoezPKtznoGHt5H7y0B4OCf-LtiPYe8hMXZ90msK5HSmc81gbKuiLRSUNXi_xkrJtzXkI7i9GiwglDJBFFCrPMWup-zFe0rt72N0B3HxZcPUsCIht7FNC4RdMIHh7n6cCrpkF5iuI1e_c_pf96PiMgPMkCNyWFdU-1Ae-pkUVxlFoYlzySEAoN4g89DLy2Ns8eiC07VHcjqNMqDuNPy3tN-7n02h0nxaKgHA5ZHxiylpXC60Y-E5oLhAjZoPQEUTRnQ1YNPqqks7DB5qV7J6_HOenWvVCNcg4trvPMFGu4K2gbftlUZRzhhxV_qspLc-UZ5chVv3NiBT_ZZU3Hd79h3nU_IZ-mz8ysXxrMOgGxfSJ2VcmYT-gjWftrCnJB-0KwebSzVv7s71itPfgtXUiKrsBgWidGyWuLxNB6brwsBMxABuwjNsO185m0Mt8uRqpgeewVpZz49V1rjk4rxl6vYJpFhVfuvw7x45wIr2dbPpEsTXkORQB6K8zxgnuwqaVS4FtX8_E-XLJbkQkLcpKSxWkUpByLzvphtKzHv3FXa234U7Ne0y5QzeZhRyo5o0GxfBbthto7RvJbNuhrLDpoqDMjcgUY5Cu3aPlrC6i4AgOCinROHCYjnekMH_tt4DPvvclhSdJwlPVjuBinwwTYXdnZ9veHMMfgUlpuPGYbshGyCqR8eG8BO0A5zxEcZ_RjjJTzA9JnDdQ75_Nbx5uYZlGvY1E9jEjzBvm7U9_nZwV5qTgyeTlLScC2ZRm8KWACf7I0aJ6J12OLMAduvvehjEd6fkqBP-9dFZP2lXm8Rt8xT89jX5_O5hpMTnR1670Y9cqEebjFP2ZMfSa3hOSpCgZzbOtWICcgujlC2KJ_3MbL-aqs4fpo1K05VX4kk6QYBLJ5zn-cyi3cIUjFqczxJuXLYRob6kcrOK6NaSPPuxWFmIg5KhxJVLEaQpiW3bdlRavgi1_G2XMqbQTQPuY5I4uR4671ctsjEWESQVqRSJqRQz6HuD3z73eVv2Y7dP_0-57WSL8KUjRWgUkBTwdXTDHOmv8uKELbhc7SpcfXye6bMO3MSeu1eExNodSjSp7g2o0zfMkCfKKZUEi8s4lx0Xu1oYZ2uufz1UniGNcXMfl7rcSV7Giy2fcT7EkY1N06_G5k7TyMq1pV7mvhlkJLElXzunVVlhiHqmnIDSTko7hMoRhTNGc-aTtjuU0upyGYvmdZqCTK-PJP6YQ9DF3mwPmsyHlZY3ZKD30T1Tz2bKnImJkesmXuhvtSfwFiJqIv3CW1TnhIamw_haOi6N3JzKbZRNn3Gsz4g0n5UR_fGCvObQK6g1g3n8KnyMrOiiYW9FXMvjzY2vB5PAbLg0UA-a18GeR1LHKkUqRx3ECFy7GHrUOaxnVh3gaEX7-cxxnADNIk0mFVgDa6y3X3PyUwEy_pcUKUo0AK1FLEJRROGnXgOUcrVAzP8qh1xSvMp0W6lOJ6yQcDq-dYwlqmLInXTcjLwxPGmjKeNrd2PtYv-GXbDcplh_cgU0JFTYWK-yI4ZZhTx40YfaZwTvBo_9CPFKJ6b5ZKAXR_mGczzXMmb7ajWpfd3_yvE1m38EeTGWSFbgJ80rkgtNQOEYVbgJRdI-NiGEdiOYepIGjnRbGDIIdXklX-B-wogymz9otOdAOXsHRTEgD_T9-JRJePec7hs_7ymxkDhNZcRkL4rp-J9BCrZJmZJ2KCxc0qTa23DuxA_gxtzOarp0WzQOTG0hmRQKgfwc-GfHcERPBeGkqem4IuSy_M1fWW4w284eE5mOIbfo71DACfU5DngidosZiUn8gXoX5skCid8m6jrOStblsMU3R0TD7WAM5T5557TyjXQy_mjZjAJIWFGuxPRA6euGU1AubPs6lpCWjmhjpTPUT6q4HT7QjqkfrWGWavgJBbFTaj4oxj9Xg4-YWsBi3Y9ZBvpRKLVg1dR25NzYB_XF_EUHO-3c80_Ov7xbuIzeuMPK7gTzwpgIyt8sM9D3mn1On3u2hd73rWyztIT8VjWaPPz5XQlBOhIX0UMPBgzCwg7jzCSZBmV0WNYljGidey_2vIadoIakkZenTCSBco9F6cr_yOeK3VulXbVdlitfA2QFRDoEBPWI2k_VAoHBrkNfhbcxeikV_S7PopAhBxITUdYEu2ZBSiWN-xs8VLINASXowoPp33p-lO5stVtP3Tp0mkiJH8suQalgUNH0r905DFzUfBLWePSkw2OdzxTgCYrMFxC59E-CGgiFgfApSH1nPJ_iVqobmpYZ8eJzHml4w27nXFI2moHuOFlKXshc2hAPCzgxYlS611BA9QZG32E_rPyIMIh9hShEkd40NnHOZh1xkCJQpgbWlyAju8fyLbelh-E4mCSvBEFtue5BxgEKzIzOlQ-RLSCxiSZYSOHVefRu87Pm7Lu5RCEikWNjyI3uP1_D6hzXrvaixuVnp_DnBhkbCKXwNnIl_IULIBxjOvcvDlvJDDs-Sm1G2HOUw39fuOu8r2IdiHfwAL0z5XeUia99A2SupmFBOaxABD0Dyz_VVn78_ZIS9wC1y4CBZMWG_LEKxJvmVCYyKx_hnEUiKE1bcItpW9edTe0UJiKiy5_9eeJ8xpEKTJASeZUSgw19o1gxBpxU1tkqHAXDcR0ZkwfHnrRFMBHziYAuOZ3qtvNTZKNElFlXN1wMSST5HyEH_OdY2XJ03rG4ZHXQ3pXqw1EQTkG4QgHW4hHuXLz8JFZsHPjsUmM3DSHYwgpvxC-GIJU7tl1bTyI_WHqxt2nSw3lx63GQkMkcxSDDnopD3VIKyIMuQlVHWpfFX9btYrXBTEkjtrFpoCANSUVvDQpPYg6CNalyveLM57_W2Ul89DT0DAw7t5Nw--ye1kTiuxeYn9J8MHPB-dglMODxaArDV4ghh8N_JTLsPxLmC6-hN7UzDt1pUpCp6JhTkHADvvxXpnlTqjpKf66RdWDWqOdp-B5izYHprH0EbMIUJXDwEAn0I6ED14A0cfLTpi744H41F4kX02jVWsj67pBqMlV4uxIegyuCx31Uusxf6UdJTvze8k65n8c22v8mpUjVIRRLVd-9WERlJHJk1euntIoKMv04_SxdFOWtwXKbiScBeBSaBPW3NBELPfMxYPO66GyrgPdHLNKDgKQkg6_nqBDewDe1kwmHzA_w4IEHPRygWrLHluiL_CVSJFTtaXaD8uOEv7kT30Bc8xrTCsDDsOfM4nobFfLVPcBfowJLwNIhW1_2tifzyRn_UlFBK58zwCSAFoKazZF8W2uSYMkNum00VnRgYksicftot_I9I-ShoLcA7MLWghIbL0-PFApWUgY6k_KB1m3lQskPVlLcHl1jYba61MX21GoiseItDGYTdkP2lZnDSNXuZ_zgGIlw6eaPP7L-0F4Hh65pNhS3JLKZyEso2Sg3Rn58lLz39cc_599lUpVV5vvIIggS4TDZzFU9hhr_fxbcPVD-HuabbwRKwK-H6w7www&cid=CAQSTgAvHhf_krXx3B6MtinebL5DPxO6hO0XHdEMbcv0Ap4udmnTFFVD2FiS16Moytvo-BD2l2JsN1XX2M8I_aRDVRyZ7qvm_jFQ8QYNfnUobhgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fimgbly.com%2F&ds=l&xdt=1&iif=1&cor=1683256605574566700&adk=1726166463&idt=87&cac=0&dtd=28

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:14:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:14:00 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzQ4NjIyNDc5MDQwNAogIHNlcnZlcl9pcDogMTM1Mzg3NDI0CiAgcHJvY2Vzc19pZDogNDExMTI4MjQ2MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame AD32 0
597 B 77ms
74ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzQ4NjIyNDc5MDQwNAogIHNlcnZlcl9pcDogMTM1Mzg3NDI0CiAgcHJvY2Vzc19pZDogNDExMTI4MjQ2MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNDczNjE2MTExMzQxMDE1OTExOQpkZWJ1Z19rZXk6IDU4MTkzMDYzODQ3MzUzMjAwNTIKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTA5IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzU4OTkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwNzA2NwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xfc2d598f5d0466b40000000000000000","13":"0x9367845f9a329b7a0000000000000000","14":"0x52c49000085d524f0000000000000000","15":"0x1da46912c4eb100c0000000000000000"},"debug_key":"5819306384735320052","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"14736161113410159119"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame AD32 11 KB
4 KB 132ms
40ms Script
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1707486223977115&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfxgoDyzGZdvRO6mZxtYP7KSK8Aim5b2gaa2VnKfJD_AuEAEgydGIkgFglcKagqwHyAEJqQLUp6sw8RayPqgDAcgDmwSqBNsBT9B1AtvJgXg9oeqMu4kYh9YkztZrHIbUygU-ES_HXz9xeM2q-SBqu0OBhWUznVISjkr7_0tYhRAiuKnrV6NQhDop7bfPZmzo17bgpqJsSXEdkj-_h31-f6fq18jB-QZkVTUKaY_qSrG5w0BAMy_Ybl-5F5-_suPFwoW_aZ0s6CZiMZ3dQbslaeuX9zMuNWeWb7a14bjlwiEqCmFzMglxwgrz-scuu-llMQ1Cb7b5lIrw_dRYSxOT0Ald9Tzria-YKfa6q8yHMSvG4tOCtJSKnNrAI78OzenfwJX3wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOljv3tfusZ6EA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_krXx3B6MtinebL5DPxO6hO0XHdEMbcv0Ap4udmnTFFVD2FiS16Moytvo-BD2l2JsN1XX2M8I_aRDVRyZ7qvm_jFQ8QYNfnUobhgB%26sig%3DAOD64_2NN4v8qTeB44_3ADzi1XohbEq3Ew%26client%3Dca-pub-3860072030774975%26dbm_c%3DAKAmf-AuU0DLykHxUay6456BznLnAYSzZCw4LhaVn1i4S5DzTjmFRSl-xvgBlTijfHJVyIPp3SJVv1DNloDbl700x3sMvwGtcqHJMXk3Pm-b6ZtJaSNLrFrCVna4dP-sVf-_4qCFnBEjhM_pDeK-z9eeICHGbSNbaQMMEVdf5Nuly5jDrCOXMLU%26cry%3D1%26dbm_d%3DAKAmf-DH2WuclJeVyjrBkUzDqknll3ocUaRY8MsgCiubhKD1y5WsRnB95qHjrPYOcRMx6H4bq3r2QAxYCe3VeEIP5iXnfTN815C7XL_Zxc7x61b2VU0FmjR9g_vKMwNk6ejNOEb2oqDh0jrj-ctcxdpWwixewY1a6ljzmB3I-dJmoyq9pU8D8hV0Y8Ae4fir20fA15Ssb3_CbQH0AkW4ORCGdfBPJQGH8w5OqN-uVis_7r8h9MXiHaUV5bMJrGDSojjcz3Q0EQrvXgQYKiOMv4lA0FhJ1-8SG265wjNgZgTj_CZzuIguBYOSMJ6fXuncUINAvZtMZw4C7kmze7t6JpgCYAdUTB4-1w2XzviR3rCMQz7T0mLYpH5OZvK8BRZFzenyZR8TU5yh8d4taYw6tdauhYW0MrZcrDKTbRy3sBdXD8PpFCNV4ctmeZ27ZxAAPdinZjpTH4oHRG-8KhhoUsj8eN5fModeq3Jw60_UB2NstJLOnmApQp_oGzvjk2nQTTWUjC7RQz-B6rGMO_xgEviBP5kijf5GJI8FrJM6_9XvI-WnDEzPntQ%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=3953181476&adk=3359639956&adf=402917734&pi=t.ma~as.3953181476&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223885&bpp=1&bdt=1110&idt=1&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x280%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 Papenburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1c78541686109ed7c3f206451175aa8165f51ff1ce7775c933ab8b1fd739870e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 13:43:45 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4141
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame F2CB 39 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 07:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 07:36:42 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame C4EF 0
993 B 45ms
45ms Ping
text/html 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fimgbly.com&e=wqT_3QKkB-ikAwAAAwDWAAUBCJDYmK4GEOLp3Mnc46L7WxgAKjYJYUdFvSFehj8RfuBxSPcNhj8ZAAAAQArX8z8hfg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4xvEFgAEBigEDVVNEkgUG8FiYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEmh0dHBzOi8vaW1nYmx5LmNvbYADAIgDAZADAJgDCaADAaoDugMK0AJodAkoHHd3dy5iaW5nASrweS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1hOWExYjQzYy04MTE5LTQxNDAtOTAyZC0wMjNmODU1YmYxMWQmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVHVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AYY5xALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAHxfcDJmX3pib3Z5ciZhaWQ9JHtBVUNUSU9OX0lEfSZ3cB0RuFBSSUNFfRIFMTIwODUaEzY2MjY2MzY4NjE3Njg0MTQ0MzQiCTM4MTg0NjcxNCoEIW3w3jo4VTJWaGNtTm9RV1FqTnpJNE5ESTVOemd4TlRnM09UTWpNak15TkRZME1qUTFPVFEzTmpNeE53PT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF__K7jPb1rf0owAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFvfMp-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAFRBUBAYtg4AYB8gYCCACABwGIBwCgBwHIB8bxBdIHDRVlASYM2gcGCAUJqOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=91bd51c69caa9f5aeeba93363ef769fa7345abed&type=nv&nvt=5&jm=1003&sid=8561392151668621195&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
an-x-request-uuid: 37d2cc76-75a9-4247-b012-80af3edd6fe6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.107; 80.255.7.107; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D84A 236 KB
63 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3160727161327022755/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3160727161327022755/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Feb 2024 13:43:44 GMT

GET
H3 200 min.js Show response
s0.2mdn.net/sadbundle/3160727161327022755/ Frame D84A 60 KB
12 KB 48ms
47ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3160727161327022755/min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3160727161327022755/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c9251228f7cdc1febd8312a26264597a8234ac5bb60bf52f45b1b66bf0bc5a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3160727161327022755/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 00:05:59 GMT
date: Thu, 08 Feb 2024 00:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12092
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 13:24:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame DD58 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 07:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 07:36:42 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B105 38 KB
13 KB 40ms
39ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 135035
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 00:13:09 GMT
expires: Fri, 07 Feb 2025 00:13:09 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C4EF 0
19 B 80ms
80ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxSwoDyzGZey2OZaA3rsPuuShENLg1-Buj6S2k5MKwI23ARABIABglcKagqwHggEXY2EtcHViLTM4NjAwNzIwMzA3NzQ5NzXIAQmoAwHIAwKqBLcBT9CzDAdRIc4w_adWfC26KsH4SVku993qSkO4jUBUswdObW1QHdO-SivPZHhM4KOFEOn92_XYTwuPFo5OGFrQ1lr6yEwlMNOwUr6a9s0x4Y8oKcdCNqC31MqNLek24Wiht6i0OMgjvNLI1XxEvLSu2P1AJpy1VoFjQPuBrHiyKiAwPos6oiEGgsGBg1BxC0VP_68dEoYJL1e6YVPNVwnVXZvhwxj4GfTN4pBS89Pd4_NWSrFf4YyzgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAhAhIvf3BOlj9y9XusZ6EA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zODYwMDcyMDMwNzc0OTc1GAA&sigh=_j9CITKytxo&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_dnPw-aN_uRVuHA2xoCj8i2ilEfu1dpXWf1LVBbUd5UwPpOPUqUaJe4bjMzPIcEGp8sOQI5dwSwZJSYB-5Ybo57IYVixH1drwARgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=1459714223&adk=101066548&adf=1227626363&pi=t.ma~as.1459714223&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223852&bpp=1&bdt=1077&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Feb 2024 13:43:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame C4EF 0
968 B 45ms
45ms Image
text/html 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fimgbly.com&e=wqT_3QKkB-ikAwAAAwDWAAUBCJDYmK4GEOLp3Mnc46L7WxgAKjYJYUdFvSFehj8RfuBxSPcNhj8ZAAAAQArX8z8hfg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4xvEFgAEBigEDVVNEkgUG8FiYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCEmh0dHBzOi8vaW1nYmx5LmNvbYADAIgDAZADAJgDCaADAaoDugMK0AJodAkoHHd3dy5iaW5nASrweS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1hOWExYjQzYy04MTE5LTQxNDAtOTAyZC0wMjNmODU1YmYxMWQmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVHVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AYY5xALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAHxfcDJmX3pib3Z5ciZhaWQ9JHtBVUNUSU9OX0lEfSZ3cB0RuFBSSUNFfRIFMTIwODUaEzY2MjY2MzY4NjE3Njg0MTQ0MzQiCTM4MTg0NjcxNCoEIW3w3jo4VTJWaGNtTm9RV1FqTnpJNE5ESTVOemd4TlRnM09UTWpNak15TkRZME1qUTFPVFEzTmpNeE53PT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF__K7jPb1rf0owAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFvfMp-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAFRBUBAYtg4AYB8gYCCACABwGIBwCgBwHIB8bxBdIHDRVlASYM2gcGCAUJqOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=91bd51c69caa9f5aeeba93363ef769fa7345abed&pp=ZcYsDwAOW2wBd4AWAAhyOivvns1Mtm4bgYSdkw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOI-bDyzGZey2OZaA3rsPuuShENLg1-Buj6S2k5MKwI23ARABIABglcKagqwHggEXY2EtcHViLTM4NjAwNzIwMzA3NzQ5NzXIAQmoAwHIAwKqBLoBT9CzDAdRIc4w_adWfC26KsH4SVku993qSkO4jUBUswdObW1QHdO-SivPZHhM4KOFEOn92_XYTwuPFo5OGFrQ1lr6yEwlMNOwUr6a9s0x4Y8oKcdCNqC31MqNLek24Wiht6i0OMgjvNLI1XxEvLSu2P1AJpy1VoFjQPuBrHiyKiAwPos6oiEGgsGBg1BxC0VP_-0fMxTLi63X9am54peM2S3l4BJ8ENrVOzLUqldhY9l6UnHeA-En_lEQgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAhAhIvf3BOlj9y9XusZ6EA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0OCiaEmQqNuJN7FMxrquMCk8Dyng%26client%3Dca-pub-3860072030774975%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:44 GMT
an-x-request-uuid: c917da5e-bd91-4ac5-820a-b7aae824ac7a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.107; 80.255.7.107; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1956845/78353831/ Frame 7353 60 KB
15 KB 231ms
64ms Script
application/javascript 54.194.91.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1956845/78353831/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1016043604&ias_pubId=pub-3860072030774975&ias_chanId=1&ias_placementId=20991824298&bidurl=https://imgbly.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hvpVjFkY9U8QHx9fqECIxZ
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.91.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-91-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 28daafebbba54870eacb733f2c1a89c7448468b1d7e7966759be4778717a2792

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:45 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7353 111 KB
39 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Feb 2024 00:01:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 7353 12 KB
4 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CcO3MsIWvW6EH3QZw8Nrs38VDCuV5UW6iBkQhgn-D_VmLNaE4WpuQq8CsMln7W6LRs9VSSe0YLgfM7FbsG_quUuznE4hSrzqPm3CnYgLBx_Sih4UMb_LzXL02D_3AtY_moCa6LqnoZZJgKwy0VjGkgF0C6eqY6OopT2VJH08yh9Df9smE&dbm_d=AKAmf-DZYsATXFbtxeZbgti6HiAoBiIm5tORFS5rnFqxJLcLwIiITWChsaIfNxQsRnfNhrlSPK7ps3CagDp-kX0vuK0_SZ54GAsZNT2K62fcr9ZzPfa3OWp9BzmzCHbHZrxrdJb8oUH1GHrcnFSnowrGid0xft-8oC5sO-0Q3KyuCkaiQirakeSPoj8HcOdDvQu4AwmjFgd-UsaeDKFGvHqohoRbtwP5D-8cdrOJRfQTQLd3mrnfS0sgrC8mUt3Prhh-FMSGkwkZx_0rhn2w2C96ah1Ip6nx962HsD6T4HghgXsbaBUtLip0BXMMi1oV0e0gnMgbCnDuaheKesX0NE7t8nTqlFYgGaCn4ncfFcIeUKdwUoDjCU-Em3W6PXbixIPNRJKI5dBJ6iNEw-Z3VXbEehXb8DgT3Ti4oJNTqTSVu5Cn2OKb4-oHWwpHJzTYEEjkBQDqlgOBgOYLiAW_9k6qsNMibxi3g-zrBpUEjGmTtWJVDd898Mr32Mbj4_g1jRls2v8aD5tktbxNwaXk564wM79uOUNIfazAVilKmQBTgf6ZcCOEr9kT0eJLk4vKWBVcrX20qLy_5RwOf9WmwV-seR9O6KHmDdL43REH0MHPn8ffKNU_oPKYwhv6tFETlr1xZTmvu0tWEHWhJBMIiXzwkciQ4js1l85xRaLv7evzao0vofi10uM3lt9bVbmpHE8wqSzBAxyJ6D2QQI-YcgT82-2_WojBb3Tz0pqUpuWwKIfTPX48-qevvSpbDGDmFM7-5gH_ewU-ypXOJoKt7qjrkiBWbOrG71HDb0s66GCO-AJdLRIEfT9qb0Tj2b7EgwryLKnaTddN1TnjBQKVGRp-X8H9-Z5bf2tjMLslz9quWDDtP-3JCP_DlcOBD31CjRWmXgeq-o8CId3YqHFVjvjOklJXwqpjGiDSa4Q_5yvMZ2pnG4hr1E0ELEkdycLX7Aywh7Y66YcRuBPyVp-0KshewpTepZXpKzTcNPDlAE2-3qcA0BWOoXWx6el9Cb-HcDoQYhNK7r3kuxrkTuR2e1S2HLipBC2c035e7FhO5VjiFiK8D-ghLkLs01C75tqZiJioa7fmEoDeeSrcczd-SXFk5SSPI0qSxN2e1p80DjqxOYnKx3ina6zfXQXkjd4FBl5e5duj7R56DRmveRWtODdvKRIrMyrOxmTIeVEwS_h4xPlXgnPVn-qWFbE7NouG7_2ktlQH1Pg0JjI-BCYcxdb-AhSmrIvU54CzjbjpXP2-kK23VrvmChxuQCuC6D8ZuVRGgUEcI3AxuEsHYKwJP0rV-SmCDGTeBPfNC15CKw0C2ugIricKSzFvKOLbUSg-kLWi18H3m1eDb0U79RJfPApgQDg1fM-XAbUlADZQtevwWEPt3c5QQ6g1ryExT36rU1guic4FHVaI8beu1932cSh7rZO-GYfX_Ih9rkLbVxMxVSFICLB2PX3Vg20JXqFi3PMjb3Yexk0Nvb1HZo_QpBtuRFO8xuQoUxpxqFlV0QTfZA8HWcUZuRxyGdHIZ1hZzVlB85-eMzz3JFQa68Sj1ZaqKyejWuPKST6qE5hXVbmw8bWYPmlvActooMW4f0kwH87LdofcH3amwuMuVfDpnCmSk65NA__zdy94izSa4OHSfRIS43BE-fsGlw7fuZljro1eLzY8sD12G-xW8Ajiw8yivg_cpLH_eIM6TRHjkdcpgkQko__izo9YTn3ZinG63fNepor_ShZHb7Lc97RxBIFYkCT6TxkBAuOdTp-XZ5bzdDDp_z52XOcpsSt-iqr9UX9gEwKir-pfUfiYfW6WmFfkj8SVsurUsDcX_aS7fll9CQF8otdXEaVFFLQr63zBNyF1QgLBsAm7sgJdlslYJIPXM7nNaW5UWkzSBfdt6GcT5Nwo3AJm8sQam8c0nMhESpyGyUGiDwdC8Jh6SIap6JUacQEByfaBCbWPfrVaK0VkoQLGN-WTNAGfPNYYJShXxsgDNy9DcSsZdUXSOuLLk5x2kc1NWv-4X0mCPIRkyk92ZdMLjBU2nSgiEdOPP2bXbyuWwmTuoKqMo6ToAn-P2JjkbEO_rf857htyZM7IpblRbzI_PBxJudG5R6i_L-k6gFA_57OcDEMP6zFxcgdE_4MTQb2baaRn1afCwfJoh8KVnNqPkm8S8koZ5rBRRRGMhpbGnR0IJLYf6oAsphCz4n0h15lr4bozgor6xzPbV_lYES9KXSQAFym30a843i3r3skqHRqZ96g27fGr9mJFZCxXhpxPpjD1CTUNPTsPr7PzH8FSApC1-x88-UTF2-2gGfq1xfzi8wh9UAg9AKq6Td6oF_C5iFCW7Gfg44migouZ2sQdZiih1UQOpOcK72CV19E1lIcUvcJGP3ams5ZYj9Xx_RB9KecahL8OT5mripiV4IfJQToyXFFbRKQipLeGx2mLylXGFZNJek0z-dXR0BCSowVZ4SEsWKs0ugGo2qVr2KOuzfHiLw9iiF5WccAG_XEsrS7Ltyptu_yUlEclVjhg8GyS7v-p8NMVwvf3kVJ1nlxmZqbpMrkh4kBQCsTJksgCpHazPgVoAaO9Ze8UWYXtW0BxriKd1nvezPUpDWvB0d6_PAHcvdFW8kH3MqdDAkOU2ESOSA5SEMYUIA69zXTXvXdM97h1zMm08ATjyO8gjlHxBgzsYHnaPsuJrIhydV0d1wucRKITYTuEp01sTTu7hVNmmYajGaXxqPG5yVWdyZSR9RSu4F1wgPJVndyLRFByGQh-EtFUrN0hj2krH-X9lxWwcxaUY0uYiediJNY45mlVD9WhrawC6ZZtmC1aHq6s0Qq_6OE0g_cM2vyOSxwSkmRn8yE_2VlTWkDiYoK0DPHWqzKOd7YwIkPYQCmg6R-Ndzs1nGxcP-OSdlSjR5HMLkXJHQ5JIDzsN_ZFaBsTclfjXXu996LS1IcHKPddmgHFhhrTXtEQpzXqM-aS1nTevwyYLV_qknQy7DLctdPTJgouwurMO2f69UOsjiytB2UYEEnf1Fynqx6fxSb7jtfrw7RyPyOIDCNw2TQXbPH4Vw0SH40uB2kZv1TLr2xIa3Bw8Rhc23qpZ8FEzCn1j5BkAAxYjrzVnI4vWqmKuoLmLh3NYP6mPBt67oX4v8NUDzJP6KYWIFCJ6Qw_msvU08z6comA05fC5tWHuVpp7YRcat-bxyO4hG3n_iAHObWzMveLbegZUuSTMJeI5nmDq2VoKfV4EXNgy-WTyO6Dj2GIIkD_AGvbikEUYDQQz7rU3L_VMzalYNTAXmOOOLKDGePxMPfkWRGeEpDOWrFsgx6nbU6Sd8XakYp-DaSAqUP51DbTngVjA73T7RfNyX2YXHUG64ZebegEccKXaHZqmksm36EmvGPPo3w1u1CjcTR9W50L9X2e2PIU0U16K0b9X1_jn32pgVuvnLbFTGwaKPwBbNHHl6ilYS2fGOfJr8VNqGGeHLAJnfTpXFp9cv-qEtq2VV5tXDs4LKhWeLpyI5Vrdm2YTzKUzFaYov15sydKS_UlByFtRknmHy7aoJ1phR58ACC_tm4RMg&cid=CAQSTwAvHhf_x4pu7uqbMHSrgQO49wXLXnFVT2RkihAbo3zN19gvEGqKJNWGtWAJbIAowxKLWQyZ1AvmcoHep7KSnfDjZ6rBTEdE-R4zLAcQ2S4YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fimgbly.com%2F&ds=l&xdt=1&iif=1&cor=9864038169005224000&adk=1877897942&idt=90&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:46:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 7353 31 KB
12 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69f5d3191dc883795ffd06149c49d8b097e4aa1c053433db3f2531d3d6074d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11930
x-xss-protection: 0
server: cafe
etag: 15760894069517589058
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:55:17 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7353 41 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:14:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:14:00 GMT

GET
DATA 200
OK truncated
/ Frame 7353 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64dda1c0176290ad210baf2cdcc80d5fd9c5c4e37c62e2a4949c3d2efbd7ef2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js Show response
pagead2.googlesyndication.com/bg/ Frame 19F6 51 KB
20 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d865bf9b1e6bea034ec74c542d446fd35b24a3cf7b29a72b2ea8bd2679323d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:15:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19987
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 00:15:38 GMT

GET
H3 200 ebay_schatten_blur.png
s0.2mdn.net/sadbundle/13832977830756705968/ Frame 2A3D 5 KB
5 KB 40ms
40ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13832977830756705968/ebay_schatten_blur.png?1701253201000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0016e81c084362ca54189c706b9023b74e9a50249f6b36b7c731af295fd81795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13832977830756705968/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 00:00:03 GMT
date: Thu, 08 Feb 2024 00:00:03 GMT
x-content-type-options: nosniff
age: 135822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4685
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 17:32:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame ECA1 0
0 76ms
76ms Fetch
image/gif 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssaa8Da5IjB4gdnyKDEAjaLqhJoyGUMXOO6tYf5IKnE31ZYuXGLhXS4EZkfVzGu5L38YqpnOZHlDvL-EepyzKJUORe4m9RDPLHhSyUrh5pfXYMPzrVTJQfI3_S0UiC9KmdqSjbtK_arijdqP96M9plqW_syf0JB96fxzaSi_gHPQOJ260j8uFgsa-PNORDcjiLpOlZY5sAPKcibkUGjm8znyW7mVBrUSANosLKWL9CKPpo1c26Jn_7-g_xPYBcT_pj8OwtBP69XcHTxBSPH6dAg71rYtHC0kGKtNx30LyNe-kG_AFQB5Bl4G0RF7XNt7R2wJZzD8qUtMHYvfMXgWsAqCLFc4Uu29vB28XsUSKZMnl7Bbr3ckfTgggn-mJK0hgDpXX2IgQv7wo-fw3tkxtSCBpShHYLO5eDJNmv5GJUpMx9bT1MaH0y_X9gVMKErUm_vQ0tO4qjcsnxQ2MQmZV095D45FdhVq5IqDATAXS4SvJwaE718BG0Pdg8mcG8uPq5bYxJI7AvPWq_R4L5_Vw7waGS2kn5Ic86BDse4hyMt6hmpANAYbYK9u_Dl9kA5bIWAgRA6HYBoBqF9WR2Tg_XbCSGeLEbZB764jMy2vEYnsOOPhK--O6WNOsHlioIhRaiLb4hZToh4X17M_ps984Gqbb-LJPTEKs_ub5h_VqkJbicFDJHEr_sYBMA2aHqvtBYzj29LsESFHyA_BqS3Oi6EEk_0lZqfPAZ9Rr4_zYX6XHCCIzv4Eq2YdkaR88DLjO_xj7zYVG6dUxluB0Z31japwXUBkSKIGdkymTLKVTaC8MyIKrpx2quOhMhaXCqb3t9YHdsFz-FXpPlHYoViNkc8QqW79InBGDjKFP0Oql0UwRHF-cE2JOXar2DSMA_U7lGRBUUXkKCwaTuraJKAXO3owi98TYUua4m5g7NzZFglqPApm04GTOoEd22c_fLFIkeWMBmX3jr3iBB4vJ4377AKdjfVJDY8shzWI3VJG2s-o1jbIpfxXg6uZl7yvcK2yx5SI1pbBE1klXJLZwmntgqX3Q5mdC20zp4oROkBPy-cku5WevNVrPWB52bU8BP2XxvU0Ztv9qgMn8-zrjy7l4FAmwM2h6DA59DLYOdJCL5sRpZtgSQqip1rJ7kGq3Gk6FI9Z2rfV_yR-eYuquvpCH-QRff_ABlXa8fqDAGe1s1zzKlnrgUv-0-u28qfMMWizcD-kmrdCc2XqliaODc5gL-5_x4IZ4vh5ByjJu6wOCo6qC5_c4zChdMhwRDA7RfNpV7paiY8Bx85O_qeMdO69Nzr8YZQh1kLLzAEnoOYLKp8XFrcxgm5&sai=AMfl-YSGR2qOnPqcXaNUYnDTpxPaYC15KIMCXq17fEEuWRHcbxSRZgUeKm3GLsxWh0rvLI7AyzLoKihXz3VAd-TPbYcjp3wOf2-8NqMNMEA3TV5hRLqitdGjDH1LnC9FLm-FT9-AO2Kx2PPuQHiZIF6XM7sEWhOrL9YaiK3MA5wydyMm1H28ed52FE_FsyTAFEBzPObKGrJoYX_F17_9vWsuqshX6GV0oSdMrjZdQ4hdlSREmscZsEKGhcKi2W9T5WCG7pbq512FCZoL4krlzfPbjiuo8E7sEmxf0XOTdXDvQr-zQCtpaXH4X7Pz5JyB4Lbq9UiVQIZ7R_GhB2Hx-EIAMKWwtIcURIVCSwdubBePiQYPQ77O54uHZsU9aqhBVvA-WH8pjUhBwT__XjmBnQW2NPJFHq3C8_6FmGIvmWiWxcRLlB3eSUY5iY6sYfCPc-_ACvegwZaPz3b-_6ABgP_g-OO7c0tqErdWxkdXoiDNtOHvPJUU8JJ4QOKHT-EQx6YJ71l5DJNkrbFMVQ&sig=Cg0ArKJSzGH_ihWXj2OmEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hZGQyLmRlLGh0dHBzOi8vZWJheS5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=701&vt=11&dtpt=388&dett=3&cstd=287&cisv=r20240207.40218&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 09 Feb 2024 13:43:45 GMT

GET
H/1.1

200
OK

request.php Show response
hal900020.redintelligence.net/ Frame AD32
Redirect Chain

https://hal900020.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bf8d8f1ca6&subid=&uid=79e8988f826c0558&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900020.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bf8d8f1ca6&subid=&uid=79e8988f826c0558&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

239ms
161ms

Script
application/x-javascript

178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bf8d8f1ca6&subid=&uid=79e8988f826c0558&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfxgoDyzGZdvRO6mZxtYP7KSK8Aim5b2gaa2VnKfJD_AuEAEgydGIkgFglcKagqwHyAEJqQLUp6sw8RayPqgDAcgDmwSqBNsBT9B1AtvJgXg9oeqMu4kYh9YkztZrHIbUygU-ES_HXz9xeM2q-SBqu0OBhWUznVISjkr7_0tYhRAiuKnrV6NQhDop7bfPZmzo17bgpqJsSXEdkj-_h31-f6fq18jB-QZkVTUKaY_qSrG5w0BAMy_Ybl-5F5-_suPFwoW_aZ0s6CZiMZ3dQbslaeuX9zMuNWeWb7a14bjlwiEqCmFzMglxwgrz-scuu-llMQ1Cb7b5lIrw_dRYSxOT0Ald9Tzria-YKfa6q8yHMSvG4tOCtJSKnNrAI78OzenfwJX3wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOljv3tfusZ6EA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_krXx3B6MtinebL5DPxO6hO0XHdEMbcv0Ap4udmnTFFVD2FiS16Moytvo-BD2l2JsN1XX2M8I_aRDVRyZ7qvm_jFQ8QYNfnUobhgB%26sig%3DAOD64_2NN4v8qTeB44_3ADzi1XohbEq3Ew%26client%3Dca-pub-3860072030774975%26dbm_c%3DAKAmf-AuU0DLykHxUay6456BznLnAYSzZCw4LhaVn1i4S5DzTjmFRSl-xvgBlTijfHJVyIPp3SJVv1DNloDbl700x3sMvwGtcqHJMXk3Pm-b6ZtJaSNLrFrCVna4dP-sVf-_4qCFnBEjhM_pDeK-z9eeICHGbSNbaQMMEVdf5Nuly5jDrCOXMLU%26cry%3D1%26dbm_d%3DAKAmf-DH2WuclJeVyjrBkUzDqknll3ocUaRY8MsgCiubhKD1y5WsRnB95qHjrPYOcRMx6H4bq3r2QAxYCe3VeEIP5iXnfTN815C7XL_Zxc7x61b2VU0FmjR9g_vKMwNk6ejNOEb2oqDh0jrj-ctcxdpWwixewY1a6ljzmB3I-dJmoyq9pU8D8hV0Y8Ae4fir20fA15Ssb3_CbQH0AkW4ORCGdfBPJQGH8w5OqN-uVis_7r8h9MXiHaUV5bMJrGDSojjcz3Q0EQrvXgQYKiOMv4lA0FhJ1-8SG265wjNgZgTj_CZzuIguBYOSMJ6fXuncUINAvZtMZw4C7kmze7t6JpgCYAdUTB4-1w2XzviR3rCMQz7T0mLYpH5OZvK8BRZFzenyZR8TU5yh8d4taYw6tdauhYW0MrZcrDKTbRy3sBdXD8PpFCNV4ctmeZ27ZxAAPdinZjpTH4oHRG-8KhhoUsj8eN5fModeq3Jw60_UB2NstJLOnmApQp_oGzvjk2nQTTWUjC7RQz-B6rGMO_xgEviBP5kijf5GJI8FrJM6_9XvI-WnDEzPntQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3860072030774975%26output%3Dhtml%26h%3D280%26slotname%3D3953181476%26adk%3D3359639956%26adf%3D402917734%26pi%3Dt.ma~as.3953181476%26w%3D300%26lmt%3D1707486223%26format%3D300x280%26url%3Dhttps%253A%252F%252Fimgbly.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707486223885%26bpp%3D1%26bdt%3D1110%26idt%3D1%26shv%3Dr20240207%26mjsv%3Dm202402010101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%252C300x280%252C728x90%26nras%3D1%26correlator%3D1814987950648%26frm%3D20%26pv%3D1%26ga_vid%3D162039224.1707486223%26ga_sid%3D1707486223%26ga_hid%3D1194607033%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808398%252C31080780%252C31080820%252C31080886%252C44809005%252C95322745%252C31080932%252C95321957%252C95320868%252C95324154%252C95324160%252C95324262%26oid%3D2%26pvsid%3D524308427401298%26tmod%3D1728592833%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpenEr%257C%26abl%3DCS%26pfx%3D0%26fu%3D32768%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26fsb%3D1%26dtd%3D3&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fimgbly.com&random=7706648258747&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=3953181476&adk=3359639956&adf=402917734&pi=t.ma~as.3953181476&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223885&bpp=1&bdt=1110&idt=1&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x280%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=3
Protocol: HTTP/1.1
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 224a3d721c3773ee761f4cf92e92885a93ef8a9efa21361bacf9584b0a7450c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Feb 2024 13:43:45 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 53311400111239004444554012595020
Connection: close
Content-Length: 1251
Expires: Fri, 09 Feb 2024 13:43:45 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 09 Feb 2024 13:43:45 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bf8d8f1ca6&subid=&uid=79e8988f826c0558&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfxgoDyzGZdvRO6mZxtYP7KSK8Aim5b2gaa2VnKfJD_AuEAEgydGIkgFglcKagqwHyAEJqQLUp6sw8RayPqgDAcgDmwSqBNsBT9B1AtvJgXg9oeqMu4kYh9YkztZrHIbUygU-ES_HXz9xeM2q-SBqu0OBhWUznVISjkr7_0tYhRAiuKnrV6NQhDop7bfPZmzo17bgpqJsSXEdkj-_h31-f6fq18jB-QZkVTUKaY_qSrG5w0BAMy_Ybl-5F5-_suPFwoW_aZ0s6CZiMZ3dQbslaeuX9zMuNWeWb7a14bjlwiEqCmFzMglxwgrz-scuu-llMQ1Cb7b5lIrw_dRYSxOT0Ald9Tzria-YKfa6q8yHMSvG4tOCtJSKnNrAI78OzenfwJX3wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOljv3tfusZ6EA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_krXx3B6MtinebL5DPxO6hO0XHdEMbcv0Ap4udmnTFFVD2FiS16Moytvo-BD2l2JsN1XX2M8I_aRDVRyZ7qvm_jFQ8QYNfnUobhgB%26sig%3DAOD64_2NN4v8qTeB44_3ADzi1XohbEq3Ew%26client%3Dca-pub-3860072030774975%26dbm_c%3DAKAmf-AuU0DLykHxUay6456BznLnAYSzZCw4LhaVn1i4S5DzTjmFRSl-xvgBlTijfHJVyIPp3SJVv1DNloDbl700x3sMvwGtcqHJMXk3Pm-b6ZtJaSNLrFrCVna4dP-sVf-_4qCFnBEjhM_pDeK-z9eeICHGbSNbaQMMEVdf5Nuly5jDrCOXMLU%26cry%3D1%26dbm_d%3DAKAmf-DH2WuclJeVyjrBkUzDqknll3ocUaRY8MsgCiubhKD1y5WsRnB95qHjrPYOcRMx6H4bq3r2QAxYCe3VeEIP5iXnfTN815C7XL_Zxc7x61b2VU0FmjR9g_vKMwNk6ejNOEb2oqDh0jrj-ctcxdpWwixewY1a6ljzmB3I-dJmoyq9pU8D8hV0Y8Ae4fir20fA15Ssb3_CbQH0AkW4ORCGdfBPJQGH8w5OqN-uVis_7r8h9MXiHaUV5bMJrGDSojjcz3Q0EQrvXgQYKiOMv4lA0FhJ1-8SG265wjNgZgTj_CZzuIguBYOSMJ6fXuncUINAvZtMZw4C7kmze7t6JpgCYAdUTB4-1w2XzviR3rCMQz7T0mLYpH5OZvK8BRZFzenyZR8TU5yh8d4taYw6tdauhYW0MrZcrDKTbRy3sBdXD8PpFCNV4ctmeZ27ZxAAPdinZjpTH4oHRG-8KhhoUsj8eN5fModeq3Jw60_UB2NstJLOnmApQp_oGzvjk2nQTTWUjC7RQz-B6rGMO_xgEviBP5kijf5GJI8FrJM6_9XvI-WnDEzPntQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3860072030774975%26output%3Dhtml%26h%3D280%26slotname%3D3953181476%26adk%3D3359639956%26adf%3D402917734%26pi%3Dt.ma~as.3953181476%26w%3D300%26lmt%3D1707486223%26format%3D300x280%26url%3Dhttps%253A%252F%252Fimgbly.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707486223885%26bpp%3D1%26bdt%3D1110%26idt%3D1%26shv%3Dr20240207%26mjsv%3Dm202402010101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%252C300x280%252C728x90%26nras%3D1%26correlator%3D1814987950648%26frm%3D20%26pv%3D1%26ga_vid%3D162039224.1707486223%26ga_sid%3D1707486223%26ga_hid%3D1194607033%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808398%252C31080780%252C31080820%252C31080886%252C44809005%252C95322745%252C31080932%252C95321957%252C95320868%252C95324154%252C95324160%252C95324262%26oid%3D2%26pvsid%3D524308427401298%26tmod%3D1728592833%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpenEr%257C%26abl%3DCS%26pfx%3D0%26fu%3D32768%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26fsb%3D1%26dtd%3D3&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fimgbly.com&random=7706648258747&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 09 Feb 2024 13:43:45 +0100

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame B105 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 07:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 07:36:42 GMT

GET
H3 200 ebay_schatten_blur.png
s0.2mdn.net/sadbundle/3160727161327022755/ Frame D84A 5 KB
5 KB 39ms
39ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3160727161327022755/ebay_schatten_blur.png?1703153381978

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0016e81c084362ca54189c706b9023b74e9a50249f6b36b7c731af295fd81795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3160727161327022755/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 00:06:00 GMT
date: Thu, 08 Feb 2024 00:06:00 GMT
x-content-type-options: nosniff
age: 135465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4685
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 13:24:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 80FD 0
0 75ms
74ms Fetch
image/gif 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsstbWanr6jKI9XqA6wUU8KQAxGNEUmYMCdvlnyWIrcpNV7oRuPX_Pe-wd2yJFDBv_1fnXwzZ6qLQirSCgfCPUkDmy8OMSIKVTmlMF6pSZokFlvlfQLgmzzFtOro_ogVFpYLKrK9v5727N8MohAgRiXZkBb7y0tXx_yOVVL7zwTjM6UHEEqWBguLTAEaF2Z5LaK1lzpncSzo-YhSz0BlOn5vs_lqp4PpaWQ4ZvlXxns1sCEClGu9orZxADfdsXC853SincwpiOLzRpyRBg0_uDQ9y2H-2jNU5KFh_ZGoIeCaiYDg8ufMLhcTy8Kuo7gbIFrDnEYH475LxMScIuQW3_96KVFnuZlao3Mp8kravc1r1W5FZYabgnuAi8aGUmqqhJGPO1UqWTqxSBJ7MOic5EoJ3eH2U1cMmIfreDrero4KVTf9wCr3BZAu3wDr_0gPnmJgzRkJesot2cjz59fpBNuwtx1I5BKovJXcpAXz8oz4010Qqzg0-EUJROkBOWbbeJZnEIQBRs6JqJoTxFUV7T_OvHyUHgAgzzybBjAaa0sOVcZVvQ28N8wKUEPqojAL6jGrmF3f0m7rXwxj2MvamnjItNn9mbhkgkg54G5ysrvxQ1lItcedVOFtHsz50QSCUthXuaqAeZXPjZGvbDzo5Zw9yLOXqqIn7HPC4ChZFP5IptWOG9LjvG6ybyWNFvTB-WQ_EZMA037Msqr9oqc2gHJd6S9oplzUiDOEjA528oFHbSrU6h2Mgs5cEuyi3xgvLSnVzkLhuz0InYyAo8IwYHOtwuYNveaT3a61zSPbnwBq8VyKgErv9sO3dLvp9lKuAAf749Yv44KWf3CT-RQtiLyNr1YAMGp4uVU4SaU9rEMLvYu9OX7Ddau9r9kYP7-sV08FReD916AoJxJqeIgVvI1SQvAm0lDqOa50rZIfiAZo3nfPKSZF-zBradvFlKrbUpuFzV6HOgp7SG2k4-JXuj7gMHHaB4ZjD7WgxzEGK6qNGqxgDFT78lNC2wS5c4VI6O9RiZ2Nz3iGSUZIp-Cotxt6QmbwzJqrEtmnpifWthG62pkteEGFDnkfpJtRX1dtjTkQRNi8TpDuiz_VsL-AqH4D8uCe-t1gllp6hekblVFdMRu4aXVrEUlUenWpYr3xilinRTJsmC1Zfw54hXCfZMsM-9i6YNA6rkr-ZyqiebcsZy6zmkMPuxktr3Lo_4uyWOLOaY2RozQrDcqpk9pc9SILRg9EzGG3NFCDz-MPOgRKyi9FQOXCuEW6blQOWGFYlqrBAgLu1D1K7wRsFwWAwXqWxlTYI76UQOJcRcNdsOteNKirfmXldUZBn-eid_w&sai=AMfl-YRawue5v_2VsGKv-hKGZvYqjEnS9rf0Oe7Ocp-cphm5L8bj8_5nlyVdSPuPzlFvWisvA0GGjC8GaonqxN8O0wdnPbp_3L4VVj9wpUb8EFhCEWE9Tdvhb6_AMB9YPyarjHS1iH4rypicP2c1MBwDgcQU9uGUcfL-O5pm19QTEfXjRlUzJZ6W5ML5MMI_mbpaJSHfNQp2H3w5d6WghkkTAIHYZReEi8GJqMn8c4wG3GtYt_2pdhOuvXW_AXw113CKhgkUoLz92brENu5xKmqpCW_5A7yTP_zRfKY_MNjqSqDBbt759CEkKySEAjsbLZO8lYmCgUGNI4bnjqc6RoUBc_s-0HTmVQqTArORTY4BPS36xtV05qwgiJk1DjtziOnlyb3fTc4HQ0wBtXasFkzXTO65rPnxuRe7WqOdzISyf1sfhcHi0Q40ZL1DZtM-zAbZxeIXyc_NyIr-uXqpRudzzM6a9e9e_iuhZD24oP-LduLAfrl5veuVkCrCIxwqdb4MTHn7celBdHAqbw&sig=Cg0ArKJSzH-HaJcb4yRiEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9lYmF5LmRl&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=464&vt=11&dtpt=265&dett=3&cstd=198&cisv=r20240207.62618&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 09 Feb 2024 13:43:45 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B0A8 38 KB
13 KB 40ms
39ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 135036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 00:13:09 GMT
expires: Fri, 07 Feb 2025 00:13:09 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/ Frame B3A3 107 KB
22 KB 40ms
40ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4256934e5894904421323cfdefe6447a92b658b179d4c643d30803610e47ce58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 67425
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22103
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 19:00:00 GMT
expires: Fri, 07 Feb 2025 19:00:00 GMT
last-modified: Mon, 05 Feb 2024 09:12:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7353 0
0 182ms
80ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstoKl3mta6Xq5zia0WE00-JZFdoD3yjj5SpO4KBL3UnfnjlOgUhViiALc5NTLY7tny8m--dpB9oZyGlnUI_uWJu-V9ZEn0RChPkka4RHZn3dUqMMCs0tWt--Nwu_tz-qn53t0uq3ycjWSqkYEWyr4oesfR-GY0lJ79X_QenDeVLaYKyjtNDPz8TrIsjm3XHkndwnmed7FngBnrQPTrs5cxHaVedhnQnB7CpTpFH_ac3XO8VpCbUYDcM1jUd0n_TRM1RiBoqNiEhf_0yYh2W1Kp4KM986P13tBUt1-Ev6duOf5qebjc77tCOq9CQ6T-O9cTAq0-2CPdwae2IgE9ov9D3RLuwrBf_p60Sd5uiB-Ijy2MYa9VMV0tKk7DDSVyYa0OihV7mu8mVI0iWS_lGrK929x0Rzo1I0B17kUDSvmeAbKvioGii8JWwggg1Tws98-RNRK7vTmfZEqX282tK-4TH6svFqBxgNPS_-eE0dg4hYnw9SPFMpneOlPWYk3h7uZJVMsqSJXbCrf9MzUBVKtDLLtI06rRV2G1_Li53uXtFJz71v_wsGKN2brfXHbdrH4Qx3usRzBtE5jakgO3x3ZJuwBac-G4cqi0MTX9hJN84zHYNz3XDGry8N4gH9q_PDBfSeuDsQjQOsmEeINbmhfiOyjsXoQsh0Ff9hh19yRP7-WgIL6NveLIW0zvGMLpPVKbLjUn1ej14MEFwYxarHTSmGsKcTq4Gk2pFev3Sk7BhA-vJgx9qotMabC8eJjyrFVtiFKI0jGLbSmGq9JKkiDONEm0spm4-7iXO1gAtKyGRRrwivySInWpMpigmXkRdANtdKSXjuowQQPxPDBL359SnzMkqhGkgkCoKhGKCSI5BapAyqkqmhCVlzVyFyTxzkX2z86M-Nv46vIQTeLUmBc7iPXW_Pebt6n4KRfJXfk_78VUanIDsssNF71xQhshbnEwLwmawgztAQReZvYqc1jCixn4_9dvrjd1awelBRz57WXnjqyZWrfGgE3Equt2IEvTlNsaj16CEZknztGndmQP7HWxedTL3Nn3RRrVv-ShX21kA96adVPvL_rLDDTT9HRJE2bLitW9NgIt0JMKBnltBxCuy5sSWIaSN3OSh-hIc8Btzoc_-D9ZtrXWXUnA1ejVZYR2SFq-KW7mW675xX48L2lT7hMiGul6tnqQM95S5A-AEcSTQl4Gq1BJ-2IddKcdQuo1jBm1wg3r9TSRCdNGN7nEey6PdjCdPzsTcuLH7BwgfojY1SNvhh_iN4F6BBC0ssy4_j65R7plhw2IiBcYhTzb1j_lnNnaEX-6f&sai=AMfl-YS-ccdeNDNHfsx1Y9Dk_beZ72EA8tD5C9GTF6pnbsqODafPALbSqXW-rA1q7WDA6kRm3C-F0WZr0UEz5blL70eqMtgRJ1JZzPK9lOctpI45GR2ruH2dfreosZHriIDnvbu-AMCEiiuAI_Rz7UxmQGrcjwV4d-Y3m9FsxQv6bSZVcTdhJ7SeI9iwGfxC0ZpvjKEG_KBQ1gMBskTxkFsGb3T-ZK9In8QbXgyu8aN-QPgTqUoVnra42TnJhhuDr1PbJdzdG6dHJCkjv66vQTxeAzEAMZWE9BEKqx7y7FVsEY9ko1XS4iPqCoR7RdWIy_-8zjY&sig=Cg0ArKJSzNf1Zru8O_e8EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=111&cbvp=1&cstd=109&cisv=r20240207.67484&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Feb 2024 13:43:45 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 09 Feb 2024 13:43:45 GMT

GET
H2 200 93656
tags.bluekai.com/site/ Frame 7353 62 B
570 B 319ms
202ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D31349692&phint=crid%3D209756387&phint=pid%3D387475364
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 09 Feb 2024 13:43:45 GMT
content-length: 62
bk-server: a175
content-type: image/gif

GET
H3 200 lasseslos_schatten.png
s0.2mdn.net/sadbundle/13832977830756705968/ Frame 2A3D 3 KB
3 KB 41ms
40ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13832977830756705968/lasseslos_schatten.png?1701253201000

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcd9191b54458571772ecc516d40c60500777575b19c501e8a5ad9dbad5a8524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13832977830756705968/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 00:12:56 GMT
date: Thu, 08 Feb 2024 00:12:56 GMT
x-content-type-options: nosniff
age: 135049
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3236
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 17:32:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame B3A3 32 KB
11 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Feb 2024 23:49:10 GMT

GET
H3 200 lasseslos_schatten.png
s0.2mdn.net/sadbundle/3160727161327022755/ Frame D84A 3 KB
3 KB 40ms
40ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3160727161327022755/lasseslos_schatten.png?1703153381978

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcd9191b54458571772ecc516d40c60500777575b19c501e8a5ad9dbad5a8524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3160727161327022755/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 22:19:18 GMT
date: Tue, 06 Feb 2024 22:19:18 GMT
x-content-type-options: nosniff
age: 228267
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3236
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 13:24:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 visual.jpg
s0.2mdn.net/sadbundle/13832977830756705968/ Frame 2A3D 50 KB
50 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13832977830756705968/visual.jpg?1701253201000

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afd2c7d1566e1911f10b1e1787294bf7d6af91254faaed3db91e6d9dcf87c4ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13832977830756705968/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 00:00:25 GMT
date: Thu, 08 Feb 2024 00:00:25 GMT
x-content-type-options: nosniff
age: 135800
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51551
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 17:32:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame B0A8 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 07:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 07:36:42 GMT

GET
H3 200 visual.jpg
s0.2mdn.net/sadbundle/3160727161327022755/ Frame D84A 50 KB
50 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3160727161327022755/visual.jpg?1703153381978

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afd2c7d1566e1911f10b1e1787294bf7d6af91254faaed3db91e6d9dcf87c4ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3160727161327022755/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 17:52:59 GMT
date: Tue, 06 Feb 2024 17:52:59 GMT
x-content-type-options: nosniff
age: 244246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51551
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 13:24:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F2CB 0
22 B 73ms
73ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BWN2DDyzGZbraOOKD3rsP5_ioyAkAAAAAOAHgBAI&bg=!X1ylXBPNAAaxkZ3akZE7ADQBe5WfOJ_F-6QpzMW3k7ZfHXgzFPsDJm_zEMJQzUcy13udcZSpcusn_Baj9lwxSYF7PJ5kAgAAARlSAAAAAmgBB5kC6xw4B_owQ793DyOWj7fcFaMOLZzlSU5GAg0OrDfAz6f4QrYCxYvo-iv1OKrSSdhMbPOawCxqd29HZDtpwF92nTNor9GQE7SmozwtNqV7s5OHhfUmL3r0Z-yJggHHMaw5zcariwA24B7MRm1OfclMtFzgNNmZFNBn7I5zCQ42elSPyZXK9tch3vB1f8-ib2j0msfqYOwHBLTLu3vmJ63cYjBmKI_z9B8ggqf_dHYxPhLDeEC9ymDt5cQEaHYYmQ-qJL1jx-6blB3hFl6sIligluc-Uvawob6_7qfSyiShshj23WceaLCXTLrQIZPTo48DCaKt4eiVOAgmDBrnbFNBOGbgyy6YRtMFU2WdoaG-eOpE6sboI8JIA0wl71Qw70NRS2Yb0HR5lWo2QbrvczgTm7d8q-5wz8m2YAJanx86QXj0kfvPeMGFSxzS6Nmlzdbm6QRx2O83wYNizWR1RSTEqdUcd0TJDNQKrW8ZEYhfWKJPRxNPiwAPRbLNj11DL33M85zbj8Gmz2PiCWQ-04XS1Gr7zaccg6u9dFLH4yPvZia351Dmunb8HUz-Jt-CzBzygwLC-4vh9MjJ_o6vHk9WlOQ3gXLFaqkntHLwEXDdRW3AfWGDmxUSagpDu2zuMGoKbP_YA3IbkywROGzZ5QNerwLLwqqoTLZT2gyW28G0ZCu1ZoNPY7RYCetgLQThhp2Z1uK6YQeg9jCTPlRbM7tKNg6VAa_55DTwHizVRYmWJJDXjs7LrB-hyYl6gnHIQC-cSKHAwmavcuocFxFi_wjl11wEMvt3E-ovIy3tW-TUE3bDsWSz2Eyaw3blr7HgospJSAlSXSRdldaDxwdMPIFnuB0YqsT9ZNhxZnzxqCW6cAQlJQs8lw6ESByJplgzXZ2y7-gdI8jPaHlh2wZQNJ38xG9VDONFsImXb1MCLn_KwQfO9GM_Cs2eTFuO2p2Sis680u7SXrcVIu1vZDYmZj-yKfO2YjtPBGU6s2lsDA

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7353 0
0 76ms
75ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstoKl3mta6Xq5zia0WE00-JZFdoD3yjj5SpO4KBL3UnfnjlOgUhViiALc5NTLY7tny8m--dpB9oZyGlnUI_uWJu-V9ZEn0RChPkka4RHZn3dUqMMCs0tWt--Nwu_tz-qn53t0uq3ycjWSqkYEWyr4oesfR-GY0lJ79X_QenDeVLaYKyjtNDPz8TrIsjm3XHkndwnmed7FngBnrQPTrs5cxHaVedhnQnB7CpTpFH_ac3XO8VpCbUYDcM1jUd0n_TRM1RiBoqNiEhf_0yYh2W1Kp4KM986P13tBUt1-Ev6duOf5qebjc77tCOq9CQ6T-O9cTAq0-2CPdwae2IgE9ov9D3RLuwrBf_p60Sd5uiB-Ijy2MYa9VMV0tKk7DDSVyYa0OihV7mu8mVI0iWS_lGrK929x0Rzo1I0B17kUDSvmeAbKvioGii8JWwggg1Tws98-RNRK7vTmfZEqX282tK-4TH6svFqBxgNPS_-eE0dg4hYnw9SPFMpneOlPWYk3h7uZJVMsqSJXbCrf9MzUBVKtDLLtI06rRV2G1_Li53uXtFJz71v_wsGKN2brfXHbdrH4Qx3usRzBtE5jakgO3x3ZJuwBac-G4cqi0MTX9hJN84zHYNz3XDGry8N4gH9q_PDBfSeuDsQjQOsmEeINbmhfiOyjsXoQsh0Ff9hh19yRP7-WgIL6NveLIW0zvGMLpPVKbLjUn1ej14MEFwYxarHTSmGsKcTq4Gk2pFev3Sk7BhA-vJgx9qotMabC8eJjyrFVtiFKI0jGLbSmGq9JKkiDONEm0spm4-7iXO1gAtKyGRRrwivySInWpMpigmXkRdANtdKSXjuowQQPxPDBL359SnzMkqhGkgkCoKhGKCSI5BapAyqkqmhCVlzVyFyTxzkX2z86M-Nv46vIQTeLUmBc7iPXW_Pebt6n4KRfJXfk_78VUanIDsssNF71xQhshbnEwLwmawgztAQReZvYqc1jCixn4_9dvrjd1awelBRz57WXnjqyZWrfGgE3Equt2IEvTlNsaj16CEZknztGndmQP7HWxedTL3Nn3RRrVv-ShX21kA96adVPvL_rLDDTT9HRJE2bLitW9NgIt0JMKBnltBxCuy5sSWIaSN3OSh-hIc8Btzoc_-D9ZtrXWXUnA1ejVZYR2SFq-KW7mW675xX48L2lT7hMiGul6tnqQM95S5A-AEcSTQl4Gq1BJ-2IddKcdQuo1jBm1wg3r9TSRCdNGN7nEey6PdjCdPzsTcuLH7BwgfojY1SNvhh_iN4F6BBC0ssy4_j65R7plhw2IiBcYhTzb1j_lnNnaEX-6f&sai=AMfl-YS-ccdeNDNHfsx1Y9Dk_beZ72EA8tD5C9GTF6pnbsqODafPALbSqXW-rA1q7WDA6kRm3C-F0WZr0UEz5blL70eqMtgRJ1JZzPK9lOctpI45GR2ruH2dfreosZHriIDnvbu-AMCEiiuAI_Rz7UxmQGrcjwV4d-Y3m9FsxQv6bSZVcTdhJ7SeI9iwGfxC0ZpvjKEG_KBQ1gMBskTxkFsGb3T-ZK9In8QbXgyu8aN-QPgTqUoVnra42TnJhhuDr1PbJdzdG6dHJCkjv66vQTxeAzEAMZWE9BEKqx7y7FVsEY9ko1XS4iPqCoR7RdWIy_-8zjY&sig=Cg0ArKJSzNf1Zru8O_e8EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=310&vt=11&dtpt=199&dett=3&cstd=109&cisv=r20240207.67484&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 09 Feb 2024 13:43:45 GMT

GET
H2 200 main.19.8.481.js Show response
static.adsafeprotected.com/ Frame 7353 215 KB
67 KB 168ms
51ms Script
application/javascript 2600:9000:2304:f400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.481.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1956845/78353831/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1016043604&ias_pubId=pub-3860072030774975&ias_chanId=1&ias_placementId=20991824298&bidurl=https://imgbly.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hvpVjFkY9U8QHx9fqECIxZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e5d18104e634a560688f1cafc4c2dc95dc64d5920d1534a4166cc1576485ed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 15:55:05 GMT
x-amz-version-id: vykY2lfs3Wi.szOrcFKizeAEGW_6xbsf
content-encoding: gzip
via: 1.1 4f41a6860ab116e6fd0a110c5ba1420a.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 78521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Feb 2024 17:27:34 GMT
server: AmazonS3
etag: W/"062bc42f17daaa8181c8155def25a1a6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Gtlt3rtHYOifUorf8PTmY7e4AaLhqlbpYMfBzG8cH9AaiXHApmFq-A==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DD58 0
22 B 76ms
75ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BKH_gDyzGZbiGO4_8xtYPwdutsAEAAAAAOAHgBAI&bg=!zM-lz4DNAAaxkZ3akZE7ADQBe5WfOIAdN4r73Olv80WYOlj647FIq7msQja_QEwaZW93x_ghQZ9m4jVulqMCghvm8da-AgAAAOFSAAAAA2gBBwoAZJqOXW0h0WmdCo_fLQKOSrwXmwMheUO6CeEDAOvc4Ozv90wYgsn7rLxjw8h1BCL4KrLaAHLK7zEquEd4Lyaho3dd1B6FSgAfRFla7gW38DnV6le66t80FWhvx2g3rh_1Ss-JjuCZAu5chD1RyazH_iDJsRhQ6BIaEPYtLLENpuSIi6Z9QWXc7esSnf6RJzaN4aTtXjED5mZVbceh9p3dOPJGEYyMB-PUijTw5O9GQ5Cp-rDJMy58GenMB7akem4ZfzlAG82hDKLxC-DJN2n9fxwRwD7fLU43d70w3t_reDggKf9sWYwBjDjR2rkiUlNy9UlCVhcoKEO_AZJmsuuM1Jjs5H8aEp6STMHzSd67DanXhcPb-tdhA3kE95OdP_Q7W8Dz69kgTsWPdR2EPWEoXS-TscSUBFX5kLvPfo4DOyll9HgRzqBHOhDVxm2e876IhJk92OERObE6sFhq6F5k-q-xsusOkOWkQVjh7pKLCUO8psLvQVYaoWLF93_4htja9q4k26MZ7jwWkJUClQV8FkoXDEpsjZl-hZnsZQyn2Y2Jb1XZdQk1KN7ymUk2GLrsXHM96Xqe2sbdCu6aUvxe6F6oEjOONWqMHfL6-nGOo5O5uFHkZ9rXi1d14hqhxS2PhCQOusGTBE_WlFlSbw1iDWPBzbYet6pY32QqowBZEq5_tYnODf7SmYqqGRUVZlykFPQA1ugBgBo5_Yo2A6Tg-7aPWxWesZutl2K_JkzdB8KvhRjSK6IoP8kRQgqxoUc_LA7jGd7jNTVxrE38k7l-7Qjelh_Bq-Nvn7lnrOgEfAVOjlUyIUkXo63J8rvSD0b8CfGtRjruUgd3FmcGNKsxtlYB6ffjKQTbqiZAWOLTJvk0d8qy8VgGv8a3SWjKwNsdRHQYgLg_ZUhA9XGgVryYWOGHbIX4fk4UXNebSrY3o-oKioL0nSB0W7Krkvgl0DxefK1xPVHmkweFStwHGBPRVvD9i4lHLYO2_Oazb1uHskDmj_PayX0Pq4CT364UT7qy-R14M6-2LoDmHDFnlDfGqT-mJ2hrFAjCKDMhT-J66CBRDJVk_wAa8rd7Y4IDrlk2AZXnMlGxWgzlxSyc5cLOxuHxDSyC8KZVjC88yTObf7bqxd_G8zU

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MM_logo.png
s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/ Frame B3A3 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/MM_logo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4336111e84dc42f94adca7e9798d71626c2a01330dc700bda5fc9873dc39efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 19:00:00 GMT
date: Thu, 08 Feb 2024 19:00:00 GMT
x-content-type-options: nosniff
age: 67425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1814
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 09:12:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 SA_logo.png
s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/ Frame B3A3 1 KB
1 KB 41ms
41ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/SA_logo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff410c49df1880c0d305691923c285ecf96aff086fc430af176e59bf18d4357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 19:00:00 GMT
date: Thu, 08 Feb 2024 19:00:00 GMT
x-content-type-options: nosniff
age: 67425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1447
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 09:12:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Visual3.png
s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/ Frame B3A3 2 KB
2 KB 42ms
41ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/Visual3.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8830be3efc4a52baaf4c0f930a2ac371946d8beaa6d5167161f9b9403b238246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 19:00:00 GMT
date: Thu, 08 Feb 2024 19:00:00 GMT
x-content-type-options: nosniff
age: 67425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1877
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 09:12:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Visual1.png
s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/ Frame B3A3 4 KB
4 KB 42ms
41ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/Visual1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec273edf9b5f953d666bc201f99475774c2733532cce1d73b0dd07de2775421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 19:00:00 GMT
date: Thu, 08 Feb 2024 19:00:00 GMT
x-content-type-options: nosniff
age: 67425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4106
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 09:12:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Visual.png
s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/ Frame B3A3 3 KB
3 KB 43ms
42ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/Visual.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4e71726d480c0ad3e10dbef386a36ff93b7c1b97b932ed1a400146ec5a8ceb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 19:00:00 GMT
date: Thu, 08 Feb 2024 19:00:00 GMT
x-content-type-options: nosniff
age: 67425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3218
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 09:12:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Bild.jpg
s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/ Frame B3A3 14 KB
14 KB 43ms
43ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/Bild.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448fc5a7c3008950754485ffdc353df4286011cec2e401dd0367531400b42163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7955722567000917782/Leaderboard/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 19:00:00 GMT
date: Thu, 08 Feb 2024 19:00:00 GMT
x-content-type-options: nosniff
age: 67425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14025
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 09:12:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B105 0
22 B 72ms
72ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BjHKMECzGZYSfMKCyx_APneK0qA8AAAAAOAHgBAI&bg=!LS6lLmHNAAaxkZ3akZE7ADQBe5WfOMKMFBF0aYcqWw4-zKThtooEkj1hQ13vsFbcJA84fqDQjrKr1FL__v8g1R0iNUvUAgAAAMZSAAAAAmgBB5kDG6dw4iYd62A9u7rrsAhWmidemyQCztm4kQUI-BUP6_GrkJmAPGXgUVEyV95USJCzpuq3XkdeYrVAh2fodqDsY7QBGfXca72aGCNFojSgEcW8a3V6e0eMR3CR2NrE7J2_hAQCXuPiKCfRhcmgh3vxqDnL-u98i7O1ZYq2-3hHKBPvn3zkgnW1mHTxi4gg_vxGOqwBg5gIo7FQ57XcDqSuwx1AUlWaNdglHZ1SgzkZVqf8zzYccto_QgKh6XvdTKrVJQrK-tcNXnRL6ejvOg61KfrvI0yw3NpNHAcSIS8jz2KljXbMnpzjggCL2nzlu9jeKsZOLTb_4BMdl7OGcKrkgdL65o44x9zPCUU3YJkskR5qPVeOVlg2W6nzFfA1bbYdjDTVAARaxDwRUIItZx5HwHKxbIhiHrJMe0jgEgUJMr2qFG3QFPAMkac8QovBST4ZP4do_rN0RTIokxSBj5VALxktmPh70kAdLIPo6lzuauFKDXQVHAZrGR2kamW0-MvawOEce281-MWJaLYAlrjgirC-AmCyXdyuZz_04bG6SwBUfm-RBv3n05jKFuWvH4oVc8l1AO2oIyM84crYDTAcHlHl_tzWUUun4_ycOmTcIg9PBWwUVhD2vUxkRPNpwr8nNC08oBLzbiD9RfI0tVPjqPAqzdpnJnqskKr-K881uS6qAo7Ix3u6qKZOO5A_p3zROdymYavMD3sALze8sJxBUIFPgNJU-ydlHiwtead2jcm8Fzs1_imD5fKfdLKNPlx6o2pKfNvotlIMU8UmneAdez13JZrN2PHBBIuBwbQKOcGBcQ-Eh2HI0vbGX-eaLWonbFoJQwLgyP30_j0bBu5IU9szd0uAm5G04OuC02BOPEPsVk_OP-sXAelRv0VIP1HF-mo4iuPDhYGQfU9g0Ge3D4bRDHBj4pKVCaDja4JgmHuRSXPhkLCCL5YoaDqcrCPEmBe32GfGb3bRnWYfw3hoSCZB8QRIgoKp2fM1k3moh9CWPBKau5EUnxGnAYqElFPQIjwe4Kqo9N10ZVGwPsTtdYKZgRwTo_aChaQCpA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B0A8 0
22 B 73ms
73ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bmj2YECzGZaHbN8vzx_AP2eWvYAAAAAA4AeAEAg&bg=!u7iluPfNAAaxkZ3akZE7ADQBe5WfOB8ugRRbphG-SRi6nW95pfkDf131POcYtA2-Eqx7KPkkf8K9KyKsRWN0RQLAASN_AgAAAGZSAAAAAmgBB5kDDVkPAOr79losXv8ash-KFV0uycXC8A7pGlPHsHjoLN_XcAbySYDzP3WsocX3UcmqUSvyJXByG1QFtoaWVT4cn3r7WCaQd1FMeM9wtlwvWoqMX9MMjjqFhgHfeifOXUzqtRlFIrTGGAuEVsjGcIHxecFwiX8ZrUiX4xZBxZmZcQngK9aUOz_z4izN1TIF9wSvrTlRkXNvT4MQovjKef1XtJZHedDi3ZLWymsg0xOwrepDHasHiPrNtc6wSUdAVIH99rC9RSOZxl80W2jwb18J3JSbn8Ps7XUDXgapq6RugJikdsQfAsJy9nNQEArDAJMTGrOM9NpOzimHUpxAHmoulWz4cnU_zafFEOUE1oyQfxyFDZI4XwaRBe0LPc-kTW4EmL1t8lr4Wk9y3jmxibeQLijfN0ZvW9JaVAbK7CUpP2dujZywmwvVoVQY2mSPqNReqxfDVE0GeN34KJ8Q1MtKd9QITCTl10WFTNDBOOfRiNgHNuuzgibFvXIocluhjhn7fqNFanaVQTzE8LtXxOVbRArgsE9YyxjZWQNQDkGrBGBp7frPr--0kiTaqEebiO0nA-iVhw6P6OpdSjnMCFaUE5b9eB4ysWXU29dIdcCPppuWUqd6GHpY9wm_-byn8cpctJmhXe2baOxV0IxFiNYTXA7e3oyYjkL68g6OoKPyqE8aoYuLHXAd6jdEhf0BckNnNi4cVFdXKePbralc-e_tBi_NWBfDzNGfc5GVnc9rOW9LNmQR4oiRUYPbKf2KEyIBP27s-dfc4DA746LNyesyfV9o-MsKN5Hq5vCaZHw8kjC4GGrZ7-jzdHGUSFF6ERU5V4pgtnrBarQt6wkIeD7Mj2vr6wM9rDU4W6A1oxHQ77yG3GuOr3Jan4Ohza7PNMltflDq95BM6I6_E-XyAi_JN4yYo5KScG0RQSgwb8LUZvHf1W_jcgTp3t32OF3b_BoS1FpedIzgO0v4SBcKY1j6MMg2YrDL6KdbONtXxIkakzZP_bymtXNTxVRdW0YUGk2WatjUa0n84RYYQZo0yzE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame 1A78 930 B
923 B 210ms
41ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bf8d8f1ca6&subid=&uid=79e8988f826c0558&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfxgoDyzGZdvRO6mZxtYP7KSK8Aim5b2gaa2VnKfJD_AuEAEgydGIkgFglcKagqwHyAEJqQLUp6sw8RayPqgDAcgDmwSqBNsBT9B1AtvJgXg9oeqMu4kYh9YkztZrHIbUygU-ES_HXz9xeM2q-SBqu0OBhWUznVISjkr7_0tYhRAiuKnrV6NQhDop7bfPZmzo17bgpqJsSXEdkj-_h31-f6fq18jB-QZkVTUKaY_qSrG5w0BAMy_Ybl-5F5-_suPFwoW_aZ0s6CZiMZ3dQbslaeuX9zMuNWeWb7a14bjlwiEqCmFzMglxwgrz-scuu-llMQ1Cb7b5lIrw_dRYSxOT0Ald9Tzria-YKfa6q8yHMSvG4tOCtJSKnNrAI78OzenfwJX3wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOljv3tfusZ6EA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_krXx3B6MtinebL5DPxO6hO0XHdEMbcv0Ap4udmnTFFVD2FiS16Moytvo-BD2l2JsN1XX2M8I_aRDVRyZ7qvm_jFQ8QYNfnUobhgB%26sig%3DAOD64_2NN4v8qTeB44_3ADzi1XohbEq3Ew%26client%3Dca-pub-3860072030774975%26dbm_c%3DAKAmf-AuU0DLykHxUay6456BznLnAYSzZCw4LhaVn1i4S5DzTjmFRSl-xvgBlTijfHJVyIPp3SJVv1DNloDbl700x3sMvwGtcqHJMXk3Pm-b6ZtJaSNLrFrCVna4dP-sVf-_4qCFnBEjhM_pDeK-z9eeICHGbSNbaQMMEVdf5Nuly5jDrCOXMLU%26cry%3D1%26dbm_d%3DAKAmf-DH2WuclJeVyjrBkUzDqknll3ocUaRY8MsgCiubhKD1y5WsRnB95qHjrPYOcRMx6H4bq3r2QAxYCe3VeEIP5iXnfTN815C7XL_Zxc7x61b2VU0FmjR9g_vKMwNk6ejNOEb2oqDh0jrj-ctcxdpWwixewY1a6ljzmB3I-dJmoyq9pU8D8hV0Y8Ae4fir20fA15Ssb3_CbQH0AkW4ORCGdfBPJQGH8w5OqN-uVis_7r8h9MXiHaUV5bMJrGDSojjcz3Q0EQrvXgQYKiOMv4lA0FhJ1-8SG265wjNgZgTj_CZzuIguBYOSMJ6fXuncUINAvZtMZw4C7kmze7t6JpgCYAdUTB4-1w2XzviR3rCMQz7T0mLYpH5OZvK8BRZFzenyZR8TU5yh8d4taYw6tdauhYW0MrZcrDKTbRy3sBdXD8PpFCNV4ctmeZ27ZxAAPdinZjpTH4oHRG-8KhhoUsj8eN5fModeq3Jw60_UB2NstJLOnmApQp_oGzvjk2nQTTWUjC7RQz-B6rGMO_xgEviBP5kijf5GJI8FrJM6_9XvI-WnDEzPntQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3860072030774975%26output%3Dhtml%26h%3D280%26slotname%3D3953181476%26adk%3D3359639956%26adf%3D402917734%26pi%3Dt.ma~as.3953181476%26w%3D300%26lmt%3D1707486223%26format%3D300x280%26url%3Dhttps%253A%252F%252Fimgbly.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707486223885%26bpp%3D1%26bdt%3D1110%26idt%3D1%26shv%3Dr20240207%26mjsv%3Dm202402010101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%252C300x280%252C728x90%26nras%3D1%26correlator%3D1814987950648%26frm%3D20%26pv%3D1%26ga_vid%3D162039224.1707486223%26ga_sid%3D1707486223%26ga_hid%3D1194607033%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808398%252C31080780%252C31080820%252C31080886%252C44809005%252C95322745%252C31080932%252C95321957%252C95320868%252C95324154%252C95324160%252C95324262%26oid%3D2%26pvsid%3D524308427401298%26tmod%3D1728592833%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpenEr%257C%26abl%3DCS%26pfx%3D0%26fu%3D32768%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26fsb%3D1%26dtd%3D3&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fimgbly.com&random=7706648258747&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 09 Feb 2024 13:43:45 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 16 Feb 2024 13:43:45 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame AD32 2 KB
2 KB 276ms
106ms Script
text/html 3.8.30.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=53311400111239004444554012595020&nw=1
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.8.30.143 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-8-30-143.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 41a11dc89563dc0c98e8dd092885b40b021c469853dd67df7b59be1ccf8f55ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:45 GMT
last-modified: Fri, 09 Feb 2024 13:43:45 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 09 Feb 2024 13:44:45 GMT

GET
H2

200

activityi;dc_pre=CIrHxO-xnoQDFflGkQUdfqQKYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9043578845985.758 Show response
8019191.fls.doubleclick.net/ Frame A517
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9043578845985.758?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIrHxO-xnoQDFflGkQUdfqQKYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9043578845985.758?

2 KB
1 KB

80ms
79ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CIrHxO-xnoQDFflGkQUdfqQKYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9043578845985.758?

Requested by

Host: imgbly.com
URL: https://imgbly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

cafe /

Resource Hash

bff45852d16f3337a1ed1963441fd9e219ee6c289c73ed533fa32f01fea241ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 907
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 13:43:45 GMT
expires: Fri, 09 Feb 2024 13:43:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 13:43:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIrHxO-xnoQDFflGkQUdfqQKYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9043578845985.758?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900020.redintelligence.net/ Frame 3F21 7 KB
2 KB 119ms
40ms Document
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request_content.php?s=53311400111239004444554012595020&a=1bae5512
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bf8d8f1ca6&subid=&uid=79e8988f826c0558&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfxgoDyzGZdvRO6mZxtYP7KSK8Aim5b2gaa2VnKfJD_AuEAEgydGIkgFglcKagqwHyAEJqQLUp6sw8RayPqgDAcgDmwSqBNsBT9B1AtvJgXg9oeqMu4kYh9YkztZrHIbUygU-ES_HXz9xeM2q-SBqu0OBhWUznVISjkr7_0tYhRAiuKnrV6NQhDop7bfPZmzo17bgpqJsSXEdkj-_h31-f6fq18jB-QZkVTUKaY_qSrG5w0BAMy_Ybl-5F5-_suPFwoW_aZ0s6CZiMZ3dQbslaeuX9zMuNWeWb7a14bjlwiEqCmFzMglxwgrz-scuu-llMQ1Cb7b5lIrw_dRYSxOT0Ald9Tzria-YKfa6q8yHMSvG4tOCtJSKnNrAI78OzenfwJX3wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOljv3tfusZ6EA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_krXx3B6MtinebL5DPxO6hO0XHdEMbcv0Ap4udmnTFFVD2FiS16Moytvo-BD2l2JsN1XX2M8I_aRDVRyZ7qvm_jFQ8QYNfnUobhgB%26sig%3DAOD64_2NN4v8qTeB44_3ADzi1XohbEq3Ew%26client%3Dca-pub-3860072030774975%26dbm_c%3DAKAmf-AuU0DLykHxUay6456BznLnAYSzZCw4LhaVn1i4S5DzTjmFRSl-xvgBlTijfHJVyIPp3SJVv1DNloDbl700x3sMvwGtcqHJMXk3Pm-b6ZtJaSNLrFrCVna4dP-sVf-_4qCFnBEjhM_pDeK-z9eeICHGbSNbaQMMEVdf5Nuly5jDrCOXMLU%26cry%3D1%26dbm_d%3DAKAmf-DH2WuclJeVyjrBkUzDqknll3ocUaRY8MsgCiubhKD1y5WsRnB95qHjrPYOcRMx6H4bq3r2QAxYCe3VeEIP5iXnfTN815C7XL_Zxc7x61b2VU0FmjR9g_vKMwNk6ejNOEb2oqDh0jrj-ctcxdpWwixewY1a6ljzmB3I-dJmoyq9pU8D8hV0Y8Ae4fir20fA15Ssb3_CbQH0AkW4ORCGdfBPJQGH8w5OqN-uVis_7r8h9MXiHaUV5bMJrGDSojjcz3Q0EQrvXgQYKiOMv4lA0FhJ1-8SG265wjNgZgTj_CZzuIguBYOSMJ6fXuncUINAvZtMZw4C7kmze7t6JpgCYAdUTB4-1w2XzviR3rCMQz7T0mLYpH5OZvK8BRZFzenyZR8TU5yh8d4taYw6tdauhYW0MrZcrDKTbRy3sBdXD8PpFCNV4ctmeZ27ZxAAPdinZjpTH4oHRG-8KhhoUsj8eN5fModeq3Jw60_UB2NstJLOnmApQp_oGzvjk2nQTTWUjC7RQz-B6rGMO_xgEviBP5kijf5GJI8FrJM6_9XvI-WnDEzPntQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3860072030774975%26output%3Dhtml%26h%3D280%26slotname%3D3953181476%26adk%3D3359639956%26adf%3D402917734%26pi%3Dt.ma~as.3953181476%26w%3D300%26lmt%3D1707486223%26format%3D300x280%26url%3Dhttps%253A%252F%252Fimgbly.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707486223885%26bpp%3D1%26bdt%3D1110%26idt%3D1%26shv%3Dr20240207%26mjsv%3Dm202402010101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%252C300x280%252C728x90%26nras%3D1%26correlator%3D1814987950648%26frm%3D20%26pv%3D1%26ga_vid%3D162039224.1707486223%26ga_sid%3D1707486223%26ga_hid%3D1194607033%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808398%252C31080780%252C31080820%252C31080886%252C44809005%252C95322745%252C31080932%252C95321957%252C95320868%252C95324154%252C95324160%252C95324262%26oid%3D2%26pvsid%3D524308427401298%26tmod%3D1728592833%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpenEr%257C%26abl%3DCS%26pfx%3D0%26fu%3D32768%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26fsb%3D1%26dtd%3D3&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fimgbly.com&random=7706648258747&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: fe79467e2c0230a552c1d8e7a17b701506e45d723ddacb7dbbe6fe8705f31670

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2023
Content-Type: text/html; charset=utf-8
Date: Fri, 09 Feb 2024 13:43:45 GMT
Expires: Fri, 09 Feb 2024 13:43:45 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AD32 43 B
702 B 222ms
94ms Image
image/gif 23.199.221.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=53311400111239004444554012595020&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.199.221.167 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-221-167.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Feb 2024 13:43:45 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AD32 43 B
702 B 201ms
74ms Image
image/gif 23.199.221.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2229232&v=11671&q=344795&r=296283&pref1=53311400111239004444554012595020&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.199.221.167 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-221-167.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Feb 2024 13:43:45 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 7353
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1956845/78353831/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1016043604&ias_pubId=pub-3860072030774975&ias_chanId=1&ias_placementId=20991824298&bi...
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

17 B
464 B

45ms
44ms

Script
application/javascript

2600:9000:2304:f400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Server: 2600:9000:2304:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 01:45:55 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 4f41a6860ab116e6fd0a110c5ba1420a.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 18532671
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: QWESyJlp6Y3-6iFnTxD6C37pX6WK-CdV6RGd1383eeoPKhcGTVeLIg==

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:45 GMT
server: nginx
x-server-name: app20.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 1E5D 91 KB
92 KB 51ms
50ms Script
application/javascript 2600:9000:2304:f400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 01:38:18 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 4f41a6860ab116e6fd0a110c5ba1420a.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 29160327
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: AOyw9icAk7C7snyHAaOFWYrFKnijdrbVm_4ESPV5xHjcvM-890z2eg==

GET
H3 200 css
fonts.googleapis.com/ Frame 3F21 5 KB
705 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=53311400111239004444554012595020&a=1bae5512

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59281e56c234b99f06646fb232513834dcad32d928f0b969f2fb0ae3791c1b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 13:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 12:19:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 13:43:45 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 3F21 8 KB
8 KB 119ms
41ms Image
image/png 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=53311400111239004444554012595020&a=1bae5512
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 Papenburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3cbc276d3cf3db690092c7d023fc6617bc81e1025ce26430fc7c2c56b04cbdc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 13:43:45 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 8152
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 3F21 12 KB
12 KB 119ms
41ms Image
image/png 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=53311400111239004444554012595020&a=1bae5512
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 Papenburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 50ed5bc9aa8f6187e5c67af23691f06c44b6537c1db976bf497a95f613916c64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 13:43:45 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12082
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 3F21 10 KB
10 KB 119ms
40ms Image
image/png 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/71422/creativesup/1200x627.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=53311400111239004444554012595020&a=1bae5512
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 Papenburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2d07dc89d6f0e18cb5ce04620641322d9c584d552403403df4b0d9f9350afb46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 13:43:45 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9679
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7353 43 B
215 B 627ms
202ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1956845&asId=42a7214e-1b76-329e-e21f-be11142c0787&tv=%7Bc:3JCZjD,pingTime:-3,time:439,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:380%7D,%7Bpiv:0,vs:o,r:l,t:438%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:439,n:438,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:380,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B124~1,0~0%5D,as:%5B124~728.90%5D%7D%7D,%7Bsl:o,t:438,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u3NsbSK+11%7C12%7C131%7C132%7C133%7C141%7C151%7C152%7C153%7C1611%7C1612%7C1613%7C1614%7C1615%7C1711%7C1712%7C181*.1956845-78353831%7C1811%7C1812%7C1813,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:382%7D&br=c
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:46 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7353 43 B
215 B 621ms
200ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1956845&asId=42a7214e-1b76-329e-e21f-be11142c0787&tv=%7Bc:3JCZjF,pingTime:-6,time:441,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:441,n:438,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:380,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B124~1,0~0%5D,as:%5B124~728.90%5D%7D%7D,%7Bsl:o,t:438,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u3NsbSK+11%7C12%7C131%7C132%7C133%7C141%7C151%7C152%7C153%7C1611%7C1612%7C1613%7C1614%7C1615%7C1711%7C1712%7C181*.1956845-78353831%7C1811%7C1812%7C1813,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:382%7D&tpiLookup=ao:imgbly.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:46 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 1A78 183 KB
65 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c0defcb55130e43ad4fd0371d19ee04d28da46082606dfc6d2258725c3a7b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66610
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Feb 2024 13:43:45 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7353 43 B
215 B 613ms
201ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1956845&asId=42a7214e-1b76-329e-e21f-be11142c0787&tv=%7Bc:3JCZjQ,pingTime:-2,time:452,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:704,beZ:706,mfA:996,cmA:1006,inA:1007,inZ:1032,prA:1033,prZ:1076,si:1086,poA:1087,poZ:1106,cmZ:1106,mfZ:1106,loA:1145,loZ:1148,ltA:1156,ltZ:1157,mdA:706,mdZ:930%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:380%7D,%7Bpiv:0,vs:o,r:l,t:438%7D,%7Bpiv:100,vs:i,r:,t:451%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1,o:451,n:438,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:380,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B124~1,0~0%5D,as:%5B124~728.90%5D%7D%7D,%7Bsl:o,t:438,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~728.90%5D%7D%7D,%7Bsl:i,t:451,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u3NsbSK+11%7C12%7C131%7C132%7C133%7C141%7C151%7C152%7C153%7C1611%7C1612%7C1613%7C1614%7C1615%7C1711%7C1712%7C181*.1956845-78353831%7C1811%7C1812%7C1813,idMap:181*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:382,sinceFw:69,readyFired:true%7D&br=c
Requested by: Host: imgbly.com
URL: https://imgbly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:46 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame AD32 56 KB
19 KB 162ms
44ms Script
application/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=53311400111239004444554012595020&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d85ff4ff5419e721ef04483dd4995db0a4c89dc414071eceedd4f31a628b6c86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 14:27:08 GMT
content-encoding: gzip
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified: Wed, 07 Feb 2024 14:11:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 83798
x-amz-server-side-encryption: AES256
etag: W/"1ae708ab523e5f77c29668b2cac9b72f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: pRzMpWFfDfutBKEBP2VFLfOcVqen0Y_SQEPqLvX_3fYqGLOVNECwCw==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame AD32 3 KB
3 KB 158ms
40ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1707486525&Signature=F60Jr5gwJyUCqsujGod~zEx1h-VmqOVj2Tea889~S5jmfA2WGb5UCWNc9VUpeJmOh2LnqrgB1B9CpnnCrwffqayJRSlGfaaKaY6TvJ-o99Narbotv8m7Dj8XsHd3SPZH0IF71trSyBXSfa8i0MMzZWuTLprUecZo-3MPiHt3OKOCLgo4nLmuUbtc1S7GMPffDtnCTSExCXkHaJMuqum2jkSuhlW24Qqq5UI2fy2YdW4nM~KyPV3Coraf6ASr3rGROpcMfShQGufzOP56IlbmTon7latScofll8oYbRFBkVNMOKQ7fr9l5vOCEPZs3YUYz9bEknz1OIgbEYHg~KnZOg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860072030774975&output=html&h=280&slotname=3953181476&adk=3359639956&adf=402917734&pi=t.ma~as.3953181476&w=300&lmt=1707486223&format=300x280&url=https%3A%2F%2Fimgbly.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707486223885&bpp=1&bdt=1110&idt=1&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x280%2C728x90&nras=1&correlator=1814987950648&frm=20&pv=1&ga_vid=162039224.1707486223&ga_sid=1707486223&ga_hid=1194607033&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31080780%2C31080820%2C31080886%2C44809005%2C95322745%2C31080932%2C95321957%2C95320868%2C95324154%2C95324160%2C95324262&oid=2&pvsid=524308427401298&tmod=1728592833&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 09 Feb 2024 05:49:49 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 28437
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: QO1_HzTGJt7lJORK57G3-mXzj8ABaYc1gQr_x7M9a3ZWtAzjtt_P9g==

GET
H/1.1 200
OK viewability Show response
hal900020.redintelligence.net/ Frame 3F21 0
150 B 117ms
40ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/viewability?s=53311400111239004444554012595020&a=1c3f3ca2&vb=m
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=53311400111239004444554012595020&a=1bae5512
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/request_content.php?s=53311400111239004444554012595020&a=1bae5512
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 13:43:45 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 dc_pre=CIrHxO-xnoQDFflGkQUdfqQKYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9043578845985.758
adservice.google.com/ddm/fls/z/ Frame A517 42 B
401 B 159ms
73ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIrHxO-xnoQDFflGkQUdfqQKYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9043578845985.758

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIrHxO-xnoQDFflGkQUdfqQKYw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9043578845985.758?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2RvdWJsZWNsaWNrLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdf...
ad.doubleclick.net/ddm/activity/ Frame A517 0
22 B 72ms
72ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2RvdWJsZWNsaWNrLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiAxNDcxNjU4NzUwMTgxNTA2ODUwNgpjdGNfY29udmVyc2lvbl9idWNrZXQ6IDEKYXJjaGV0eXBlX2lkOiAxCmFyY2hldHlwZV9pZDogMwphcmNoZXR5cGVfaWQ6IDQKYXJjaGV0eXBlX2lkOiA1CmFyY2hldHlwZV9pZDogNgphcmNoZXR5cGVfaWQ6IDcKYXJjaGV0eXBlX2lkOiA4CmFyY2hldHlwZV9pZDogOQphcmNoZXR5cGVfaWQ6IDEwCmFyY2hldHlwZV9pZDogMTEKYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphcmNoZXR5cGVfaWQ6IDE2CmFyY2hldHlwZV9pZDogMTcKYXJjaGV0eXBlX2lkOiAxOAphcmNoZXR5cGVfaWQ6IDE5CmFyY2hldHlwZV9pZDogMjAKYXJjaGV0eXBlX2lkOiAyMQpjb252ZXJzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBDT05WRVJTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0FDVElWSVRZX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA2MDM5MDAxCiAgfQp9CmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0NPTlZFUlNJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTA5IgogIH0KfQpicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNTcwNDI1MzQ0CmdjbGlkOiAiIgp0cmlnZ2VyX2RlZHVwbGljYXRpb25fa2V5OiAxMDIzMTgzMDI2Mzg4ODcwMzA0NAo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:45 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"10231830263888703044"}],"aggregatable_trigger_data":[{"filters":{"14":["6039001"]},"key_piece":"0xde31c993eb48a7ff","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x8e72f1e1f7ac8c6b","not_filters":{"14":["6039001"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6039001"]},"key_piece":"0x50dee23e5f6f170a","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xaa82d8d3d291734f","not_filters":{"14":["6039001"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"14716587501815068506","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"10231830263888703044","filters":{"14":["6039001"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"10231830263888703044","filters":{"14":["6039001"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"10231830263888703044","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"10231830263888703044","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8019191"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 80FD 42 B
174 B 75ms
73ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDRDkc1vf880gIj0BaolkMG8mzCUW-ORMsk30ltXcgivVgR713b2piVgU54_4-m-hQFi97ZY23G9FYPS4gdnUmN1awIH51Vgq4rorWF0afkK7Ozanq_P5-fUHBp4eStdpf49TthiU8gALuWcMAWxA9SSdWGKV_1vfefQ&sai=AMfl-YQpqqR2gslXoMdM7t59qNkhpN1QFzn20Bh3Wbqzo0qyu_FK5TKSvjl71ujSzEkOjGLXcnA1ASrGVARRzHV9d0oSjX9kZWH-deKZ1-LS2qfS6atNzOdORr2kxF9XFKRnaO-g40zdMs1FnqEY3UcZIQ&sig=Cg0ArKJSzEZKOfgoQHyzEAE&cid=CAQSTwAvHhf_D6_M6KrqU2due9W4Ahk-IMVS3QRCH0MHjPtC80EnsoqIGcKnryZSp_SmyHgiCT5PfaTkNaPtjHxYTdD5sI2Whg4H0cf9knlILSIYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4077765493&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=341902400&rst=1707486223871&rpt=927&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 1A78 279 KB
93 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

782c0f9f8af8f69ffad8cee16cbfe9690031cf85b20a3eece20f8d221d42e00e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94907
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Feb 2024 13:43:45 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ECA1 42 B
108 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoz18GShDn3CJqYIko6D7nrTt0bZR65nlJUcj0k5S9KRVhTmMECLxvm_CN3qPhY8Ki5PH2CDGtHGGLonqndc4N548Txnp5W65Pe_R96E0FcSIqsw4b_2AgxFUWBjGjVTxi-1QOHQJndVN4naS6f1-9GwHmRiERksJ4Uw&sai=AMfl-YSM4bTUojjUPhnOWwY1DuyRC6jiPe1N_KL8Z1QpY85PKguYVpDLmG-66bHc9dt4myDn6f4ICHJRCCFGlWXaeyfjTNZZuicdUAnFbQ9ubGrNaGoHPRdoHwhvzC8wmwZQqqj4qx9rxrHkC-o5XUxUbQ&sig=Cg0ArKJSzIP5-K2sfCheEAE&cid=CAQSTwAvHhf_7g3JoY26rpoXS8ucrAxAZkmN7kH2gGNPWEsLU4VKGGOSqtoyV8TKHU-VWt2GhEXYA-1haemKVy2mZtgsQUAHiNrDuuL7XTe98Y8YAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1845920765&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=341902400&rst=1707486223842&rpt=1023&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 85ms
85ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9099dd1480ce3fd06ca8830695d945ab6c41b5b70f526cd333e7b9b5c524c680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12290
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7353 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOQHX1VG3VnJ9NBeTYuXgBdU3WoLcCyFlw7IBIWW9NZthJykk5tHI3W8QK1ATTqNro0S-_yzhPlfmOIFhBylkgG35x8LzGzh9zr70w1hObessqxJW4tI3lMk6MWbMoA5sp0qE7U_K6ENvm8Jwq5zV3sQ3ry6rw34E88g&sai=AMfl-YT9Aw4OeOCc73CIyC54pMC87ICyLB8GpFnqWAv9nuxbdyEVaoKQRFVOblyGcLeW0DgVNb6oo_JFYAUBlecnIAWQJhUtCLHA7FKiUxp6pEan4GaiXvVsh2eup_Bj4uS3IgMIqgBQiGJLJyMqwT0K7w&sig=Cg0ArKJSzCRfTuUU6uIyEAE&cid=CAQSTwAvHhf_x4pu7uqbMHSrgQO49wXLXnFVT2RkihAbo3zN19gvEGqKJNWGtWAJbIAowxKLWQyZ1AvmcoHep7KSnfDjZ6rBTEdE-R4zLAcQ2S4YAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=579,1000,1000,1000,1000&tos=579,421,0,0,0&v=20240201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=341902500&rst=1707486224638&rpt=409&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Feb 2024 13:43:46 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7353 43 B
216 B 228ms
200ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1956845&asId=42a7214e-1b76-329e-e21f-be11142c0787&tv=%7Bc:3JCZq1,pingTime:-10,time:835,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjEuMC42MTY3LjE2MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1707486226177%7C%7Cad3da6484591ef42d3ca4483a2f375ea%7C%7Ccb83d64b66ce79c8180112a4f5eea90d%7C%7Cbc3d2a17ff6f6abe1c597a1e8589a9ee%7C%7C947a10f72b747224cb2251830deeb388%7C%7C9dbb9b20c4403adda65efd2600a19025%7C%7C74c7b297d4a26b571888f2d878c55af8%7C%7C3d284e448b2206e22e044731bad4e94b%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:46 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F027 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgbly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 08:37:02 GMT
expires: Sat, 08 Feb 2025 08:37:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6315 829 B
560 B 52ms
51ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9d2bc3689b4b8b397246cd50c3b33bd02fb56a92e460709ec31ae236e0992180

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SvlnPlvOWOtDIdV4UxZIAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imgbly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SvlnPlvOWOtDIdV4UxZIAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 13:43:46 GMT
expires: Fri, 09 Feb 2024 13:43:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame F027 39 KB
15 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 07:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 07:36:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6315 0
0 71ms
71ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240207&jk=524308427401298&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F027 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uz3UOw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 13:43:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7353 0
22 B 70ms
70ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4386930457303&version=m202401290101&ct=76&x=1&cor=9864038169005224000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame AD32 16 B
209 B 86ms
86ms Fetch
application/json 52.56.219.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.219.216 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-219-216.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Feb 2024 13:43:47 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 248ms
48ms Preflight 52.56.219.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.219.216 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-219-216.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 09 Feb 2024 13:43:47 GMT
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7353 43 B
215 B 202ms
202ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1956845&asId=42a7214e-1b76-329e-e21f-be11142c0787&tv=%7Bc:3JCZA1,pingTime:1,time:1455,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:380%7D,%7Bpiv:0,vs:o,r:l,t:438%7D,%7Bpiv:100,vs:i,r:,t:451%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1004,o:451,n:438,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:380,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B124~1,0~0%5D,as:%5B124~728.90%5D%7D%7D,%7Bsl:o,t:438,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~728.90%5D%7D%7D,%7Bsl:i,t:451,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:934,fm:u3NsbSK+11%7C12%7C131%7C132%7C133%7C141%7C151%7C152%7C153%7C1611%7C1612%7C1613%7C1614%7C1615%7C1711%7C1712%7C181*.1956845-78353831%7C1811%7C1812%7C1813,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:382,sis:517%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:46 GMT
server: nginx
x-server-name: dt26.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7353 43 B
215 B 201ms
201ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1956845&asId=42a7214e-1b76-329e-e21f-be11142c0787&tv=%7Bc:3JCZA2,pingTime:1,time:1456,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:380%7D,%7Bpiv:0,vs:o,r:l,t:438%7D,%7Bpiv:100,vs:i,r:,t:451%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1005,o:451,n:438,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:380,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B124~1,0~0%5D,as:%5B124~728.90%5D%7D%7D,%7Bsl:o,t:438,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~728.90%5D%7D%7D,%7Bsl:i,t:451,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:934,fm:u3NsbSK+11%7C12%7C131%7C132%7C133%7C141%7C151%7C152%7C153%7C1611%7C1612%7C1613%7C1614%7C1615%7C1711%7C1712%7C181*.1956845-78353831%7C1811%7C1812%7C1813,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:382,sis:517%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:46 GMT
server: nginx
x-server-name: dt27.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 109ms
109ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240207&jk=524308427401298&bg=!GBulG1TNAAaxkZ3akZE7ADQBe5WfOKt8yRCDdoCSK2g-To-1a9ZLwpqfRk1-GoJmzPBtPI6P0h8bygdk-KHZ9zHuryOBAgAAAE9SAAAAAmgBBwoABiGvATrowZkCtXvERiootXYA-nuk-p9407GeLGtg-Vh3ISwUjltUA6C4Sqp040WqSqe1KCRZg_DVwm_vjCF1QBxXZ-TDgKvBT2T5v_wyyKhXWN3j7-amJpiV6rdxSVDTmkxHGQoeovDkHsgWOvFMXucB5oPcgFyRSmYFGohLOVgsSiTlgtZ0JwkTizJd_hJq0hAXQ_1jFUR5f3Yb0Zbh7_9lOtDhK9Qh-1gVlpLybKfT5srD8Zww1nmv7vN0GqGDkziz1JGvUnCd_JQcbO5OFIMuj55u99IhqPl58E3myqfH8NX7aRkSbmtnUOpNvF2cmmNUZltvi55n_Tml35ajR81gtZa7Q4QxMxYiwOkuNvA0fxKsWLO-zmwEpg0yDeTtj27j3nTCVIrMuFBRGK_3L-9WwqyFfRnUVzLVpVpyBtgeeFs3EPrAmAf8BYW0ar6KAA4CJaKixkjxSDY46mmjqlhEWUlS_ilr_4AvGWBLqx2ZlPyqpIMtH4AZE49uRllK8xe_ugwK3Nw_9FDblXJjEaE2QNdcVmHhiwnTnQq9kCyoYy98HkAdzvK0iS15JxhTcKI5lFw1f4qnj2fYqetval-b8KO1V46gzGqRo-HE7cSAoByoc2D2wKHu8Lrq-XF9qpPXuTY5honiANQwgycdFO9Jy6qJNiKzg3ORFeZCCjUICdxIhaNu0Uwb9DqkEeuj2tv1rPGV5-38es6t0p_z6YK51CZ_p37CVZedp_J4gDtdYDWGqjonpSV4BOqpmZ1lBypOM6RZFUym9qCarKM67tlvdZ6uN3AG2yLoMLraOyzcIMx3TmfU7VPqlhYi0T_KXv9S7lRSOcr_zg3RU9hm5cexs9C5UfHzMYv1bvFXLBGSMnw3iE412cmWR1UMafRGI0GgtKS18xavV56A5Eb-nomuFHnRzo2egA7444yowg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgbly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD32 0
22 B 70ms
70ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7404615732059&version=m202401290101&ct=77&x=1&cor=1683256605574566700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 13:43:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
imgbly.com/	1970-01-20 18:18:13	Name: XSRF-TOKEN Value: eyJpdiI6Ik1ZaGxMWFFLK3dVcnNlQ0syVi9qSGc9PSIsInZhbHVlIjoiNE5BeHFRUjg3QWk0ckxoVk9RaHVla1FOSjJWZGM0MWNvRFJzZjczQmJLODQ1U2VBNHhLZklLN0gyK2xCVlIybWNnNHpsbzFOb0pBZWYxSGpXUWV2UEgxdnBDY29wSjhXS1ZmdktvclI3RTV6SC9wVWFXdndkR0dGMkRINEJTbWkiLCJtYWMiOiIwZDc2OGY0ZTUwMjc4ZGQzNmY1YWE4MmM4ZWY5ODY3MWI2ODhkMjhkZTQzODM5NjgzODcwMzQyMmYzMDNkY2RmIn0%3D
imgbly.com/	1970-01-20 18:18:13	Name: imgbly_session Value: eyJpdiI6InMxRVg4TzhzWWpmdENHUjlEVGhMNFE9PSIsInZhbHVlIjoiMFdPSUVZbEhZQTBvKzJhb0t2eUdBUUtUcURCOE1aYnFvSENWYXdFbXZkZzRUSUFLclorNGVQWnlvV3FLNG9yQjZjWnpRNkd1cWJCS3grMjhLMkUyR1IzblI0bGUrNS9lRllCZ2FCN2ZKbVNDVi9IVFNBZXhFN3RKNjFOa1NiK2QiLCJtYWMiOiI4YjIyMTJjNDY2MjQ4NDJiMGJmNzA1NGRlYjQwOGI3MjEwMjZhYTEyYTEyZTgxYjNmYzc3MWVmYzMyYjI3YzBjIn0%3D
.imgbly.com/	1970-01-21 03:54:06	Name: _ga_S96N80QCJV Value: GS1.1.1707486223.1.0.1707486223.60.0.0
.imgbly.com/	1970-01-21 03:54:06	Name: _ga Value: GA1.1.162039224.1707486223
.doubleclick.net/	1970-01-21 03:39:42	Name: IDE Value: AHWqTUlu2sxJw6hRXMjFWaQ30h0LUAQnIf6gZ4S9oarwkcztg97rpIiCF8gC28AT
.imgbly.com/	1970-01-21 03:39:42	Name: __gads Value: ID=d31548e2ee62434c:T=1707486223:RT=1707486223:S=ALNI_MbNKm7Uq7kCDFaQpCm70V4m70hwug
.imgbly.com/	1970-01-21 03:39:42	Name: __gpi Value: UID=00000d544451bcb5:T=1707486223:RT=1707486223:S=ALNI_MZOfI3v_R4k-Uq8g7ahVTahU8gDzw
.imgbly.com/	1970-01-20 22:37:18	Name: __eoi Value: ID=6842eeada82edf8d:T=1707486223:RT=1707486223:S=AA-AfjZ6M1pVnUOFXCh-tg0AArbJ
.casalemedia.com/	1970-01-21 03:03:42	Name: CMID Value: ZcYsELmqPS4AAAvXABrfmgAA
.casalemedia.com/	1970-01-20 20:27:42	Name: CMPS Value: 2225
.casalemedia.com/	1970-01-20 20:27:42	Name: CMPRO Value: 2225
.adnxs.com/	1970-01-21 03:54:06	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:27:42	Name: XANDR_PANID Value: Ndj5NGEgvoFTicvjFYsxf8wQhyUe8j40qoZKAX_3wrxkYlS2Wg071k22kYVxu-qVYXxgnfMW4Ni2CtGxMNaxUl_iQsYaO-anD-t6xE-FBNw.
.adnxs.com/	1970-01-20 20:27:42	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTrdtAh$!]tbPl1M>e)ZlrFUfJ+tGXxoHc6hWn@.>9mUg0-iK`f)ULux)PYZQS'4^2l(3If)y3KL9D3I?+7=gseP
.adnxs.com/	1970-01-20 20:27:42	Name: uuid2 Value: 6711644962373654782
.doubleclick.net/	1970-01-20 22:37:18	Name: APC Value: AfxxVi6fRuDXJktSVaFRj2rBJXVLLttSsWDGBVuZAy7ZkoLddF8RJA
.doubleclick.net/	1970-01-20 22:37:18	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 18:18:09	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 19:01:18	Name: ar_debug Value: 1
.bing.com/	1970-01-21 03:39:42	Name: MUID Value: 2A28FC00CE1164DE1B82E820CF9A65D5
.redintelligence.net/	1970-01-20 20:27:42	Name: 8lcfmzhxc8d6_uid Value: e84e62483decd134
.bluekai.com/	1970-01-20 22:37:18	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 22:37:18	Name: bkpa Value: KJyN0AWvQY9xxBcENajp7BajuJLrWiD6AY/k7qXGVdfcPb4D3OQ/S5ykuxtbn8FAsr/PzINQAkuSpn/IExiejZ0tF9ReVYRtwhbFsL6mYqhgUnfUmILx0B8kDiDn
.bluekai.com/	1970-01-20 22:37:18	Name: bku Value: ts6O9OWLhZDXqB6A
.awin1.com/	1970-01-20 18:20:59	Name: awpv11671 Value: 296283\|1707486225\|3ee7c880-c751-11ee-94b4-2233c304522e
.awin1.com/	1970-01-20 18:28:11	Name: awpv11601 Value: 113440\|1707486225\|3eeb23e1-c751-11ee-8694-226555b1c0ac
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.office-partner.de/	1970-01-21 03:54:06	Name: source Value: {"webgains_webgains":{"timestamp":1707486225875,"clickCookie":false}}

188 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://filesharer.cc/images/icons/google-play-png-logo-379hh9.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://imgbly.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
ad.doubleclick.net
adsdk.microsoft.com
adservice.google.com
adv.office-partner.de
ams3-ib.adnxs.com
analytics.webgains.io
api.webgains.io
cdn.adnxs.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
filesharer.cc
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900020.redintelligence.net
ib.adnxs.com
imgbly.com
pagead2.googlesyndication.com
region1.analytics.google.com
s0.2mdn.net
sandbox.elemisthemes.com
static.adsafeprotected.com
stats.g.doubleclick.net
tags.bluekai.com
tpc.googlesyndication.com
track.webgains.com
unpkg.com
www.awin1.com
www.bing.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.18.36.155
138.201.84.244
142.250.185.134
142.250.186.130
172.217.16.194
172.217.18.6
178.63.52.121
18.66.147.120
185.89.210.122
2.23.197.190
2001:4860:4802:34::36
23.199.221.167
23.32.184.180
2600:1f13:800:7781:2b49:c39c:c642:eb
2600:9000:2304:f400:8:48e:53c0:93a1
2606:4700:3031::ac43:c32b
2606:4700:3035::6815:2e59
2606:4700:3035::ac43:8905
2606:4700::6810:7aaf
2620:1ec:46::45
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:829::2006
2a00:1450:400c:c02::9c
2a02:26f0:480:22::1726:62d4
2a06:98c1:3121::3
2a0b:4d07:102::1
3.8.30.143
52.56.219.216
54.194.91.232
99.86.4.53
00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca
0016e81c084362ca54189c706b9023b74e9a50249f6b36b7c731af295fd81795
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853
0202fcc8498d7cbb42a47fa0629f71a89c220c84c6a9cc006c8f2d09f9d8da5c
0444ee8659e61802b95d49ea403263c6b05213b5084679a087566fe8375c0fea
049497373816b6cb99b00ff57eb1c84ef65687fe0ddd3e5de45a024ae34bb33a
058c1c2cf9a1b591646575a669d1f8e27c9e788eb72d97104d192c1e126d3139
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
13308613746e5121a5a6ee121a89634154f323f34814cde054206fd0ce400ebe
15211e0be73438987ed05236dc4ce90962f7c46452427364446576505e66697b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
1a02f3d42a87e4f8db0d12b71838ec5cac3a6396e5749b34a281e21e7c6ddd14
1c78541686109ed7c3f206451175aa8165f51ff1ce7775c933ab8b1fd739870e
1ff410c49df1880c0d305691923c285ecf96aff086fc430af176e59bf18d4357
224a3d721c3773ee761f4cf92e92885a93ef8a9efa21361bacf9584b0a7450c6
22a8e439450d976c2724efb04a446febc736ff4e11859260174ef29ca7a3c716
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23559bc69ad9211a5dfb5100552b190d370675ef552ca8197c3df942175f8cc8
24b5937891c335ae7d0af25401d5dd574164b9b68f1a444a3788aa47513d0338
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
280dac1339163a43f2737772039670535ed371e4900dc26f2934bd0fd05384f0
28daafebbba54870eacb733f2c1a89c7448468b1d7e7966759be4778717a2792
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d07dc89d6f0e18cb5ce04620641322d9c584d552403403df4b0d9f9350afb46
2d7a1c4da005602febcf4f7d21b4c0b47b7d3bd51ea330fe3bfb6a9ae85c0b62
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f393dc7a65b2b24b8c3edd839301790404c2a751e94bad04ba5088b010d7e01
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32d26b3f38f5adcf544dcb92bd5ef604d67ac7300a28f7f8b072ae0e9f555a3c
33c65407ed2873d7740b6a96e097fe6a1ba9e7e5f77cbaafe0ec940fdbe9c072
34570e89cf00b996bc897caad5e37f2b8441b1a800f9e1eda018fee38f173b4b
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
386ff5d37c1787a5c8355d3a2533eca7336028d6bf8e73f52e33cfe58dd74036
3a4b03a6c128b46647ca81421d1b1db2577751a66b09c13677c8d753cac18c7a
3ac7c70d2706c233e748a19a2471e907d4d174f5c0b86bd1e6cca47715865443
3bf9e48f0d497a6c7a26fde5ea0409ac76c23cc1b606abead547d5de2a1affad
3c0defcb55130e43ad4fd0371d19ee04d28da46082606dfc6d2258725c3a7b20
3cbc276d3cf3db690092c7d023fc6617bc81e1025ce26430fc7c2c56b04cbdc1
3ec273edf9b5f953d666bc201f99475774c2733532cce1d73b0dd07de2775421
3f490aee0289565676e055c0a4e014bf01b4fa39c40a31e4656b37a48d089949
41a11dc89563dc0c98e8dd092885b40b021c469853dd67df7b59be1ccf8f55ad
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4256934e5894904421323cfdefe6447a92b658b179d4c643d30803610e47ce58
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
448fc5a7c3008950754485ffdc353df4286011cec2e401dd0367531400b42163
472100674e843eff0fa35cac2680f55b59ebca8f3d35370becdeeff12cd93c5e
474e2f5ce1640e60058c8c72f84b8585381cdb81e62d85d3907b9aadcfbf0eb7
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4b19b992875883d896966e397311190d3395a1618e6c167ee0f88bb9395c3cd6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e7e73ba9813f46b7b95bc707704ddaf5367048c6571e07a4ff3cd3ba18bb04a
5038808acbbc4e6edda16cbeb1cc6dec80e4e4ee4e227e039c41229fa222aa8c
50ed5bc9aa8f6187e5c67af23691f06c44b6537c1db976bf497a95f613916c64
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a3cef734f0fe9d757aaf0a3c7f46176eadf4f87f41ab8ea2ee4d2f82733381
59281e56c234b99f06646fb232513834dcad32d928f0b969f2fb0ae3791c1b0d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c9251228f7cdc1febd8312a26264597a8234ac5bb60bf52f45b1b66bf0bc5a5
5e5d18104e634a560688f1cafc4c2dc95dc64d5920d1534a4166cc1576485ed3
5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64dda1c0176290ad210baf2cdcc80d5fd9c5c4e37c62e2a4949c3d2efbd7ef2f
69f5d3191dc883795ffd06149c49d8b097e4aa1c053433db3f2531d3d6074d1a
6ac5676b687415cdba5ca899b5f51812b5af0ed1a61b16b969c7968d602b9e29
6c6522aa1ef26543ea4893fcaac28a924ab95ebdeaffb0a4c604c51f7fddd313
767c8dc5cf5cd2806194dccd5383fe7989105da84bc0622fa8601aecf866dcc2
782c0f9f8af8f69ffad8cee16cbfe9690031cf85b20a3eece20f8d221d42e00e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
8328841cd636c0a1f0da9ec78a2986b066a19cb18e10a1ff9d2f0d3ea19a6aa4
84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b
87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da
8830be3efc4a52baaf4c0f930a2ac371946d8beaa6d5167161f9b9403b238246
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8f7296f4aa15d1fab96593661d2f7294a320b49f320a9d7e475de1c336f113b3
9099dd1480ce3fd06ca8830695d945ab6c41b5b70f526cd333e7b9b5c524c680
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
94d865bf9b1e6bea034ec74c542d446fd35b24a3cf7b29a72b2ea8bd2679323d
9d2bc3689b4b8b397246cd50c3b33bd02fb56a92e460709ec31ae236e0992180
9ec6ca525424d8cedf0c213f9730d89e4cdba7fd38c2d79b24ed5557a86234e3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
afd2c7d1566e1911f10b1e1787294bf7d6af91254faaed3db91e6d9dcf87c4ee
b06d18d844ed621b89faffb1a33440cc0ec4f1ffea9f36191f50db19a47c59a6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b4336111e84dc42f94adca7e9798d71626c2a01330dc700bda5fc9873dc39efa
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf4a9204a5958e5b3e69497c7d3e30b17181e4d17f3e9ea9ef90384f0340e7bd
bff45852d16f3337a1ed1963441fd9e219ee6c289c73ed533fa32f01fea241ad
c4033998f21de5867245e1fb9162496103dcd1174003bf2a00b91a10873552eb
c4e71726d480c0ad3e10dbef386a36ff93b7c1b97b932ed1a400146ec5a8ceb4
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
c8d717c76b14aad6c4fd6c99b7fe803e15a53537cba081a433c8e94b0ac74ce5
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ce6e678aa481fc8da94f8ac84d1f1ceafe50780e299264344ddc86529327429f
d038f7fc3a36d730ee92b07dbb9b594d19c27fa217be9b9cf9e1ef8c87e04af2
d179f6f83fc3f107db0b174491d3f1da7fc19e7c7bd211113b72833380d03c41
d4a1649f2ffaf92d39b46ffcc2b2d42d21f1645c30bdfacecf5c949d40d86094
d4f3c995d52401948e3af0c2a85277c3fbdd2ff46f4d52fac41747fd700a4c40
d85ff4ff5419e721ef04483dd4995db0a4c89dc414071eceedd4f31a628b6c86
d9b7b7234549c7f952bd2fbb8a4def36253173c3c5b214fd1690c72096d3d5f2
dadc34328c99d3a7cc366e4ac034af8caad2487295e9368a7d1a4b71dcaa2f2d
db21c3de2eac72ac3f463f1cdf2c4b94ef234c8cc5c8c3937809abd3a1aa02a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fdaaf3267c45c95f6a20b03673d7843cd18a0676348520cd93e0bdc64c2a7d
e68b0bf411a92a35e893822d6d5f0043af95ea2f5b29038a508931407faf2574
e88eacfd89ad3962cd8da9ecbaed2162f28e90a4a5551332f421bbfbd360d95d
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec7083d24205bc66e4caea47afb2ea79b1ace9a0d9e437f74a08fc956c765d99
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
eddf8f4c033fd5b8c4f3c3e982b3242625f4873fc65df6aa606659c2399a622b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f53af2d1fc5292ba1433b5c1faf50005ce6a997fa302d1816989929f379a59dc
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8ebd0bb5d4fff0a1a0c442fb0e0d007be547dd97413e9a25b1e1b91193db690
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fcd9191b54458571772ecc516d40c60500777575b19c501e8a5ad9dbad5a8524
fe79467e2c0230a552c1d8e7a17b701506e45d723ddacb7dbbe6fe8705f31670

imgbly.com Open in urlscan Pro 2606:4700:3035::6815:2e59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

224 Requests

90 %HTTPS

59 %IPv6

24 Domains

39 Subdomains

39 IPs

7 Countries

4859 kBTransfer

9776 kBSize

28 Cookies

8 Outgoing links

Page URL History

Redirected requests

224 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

imgbly.com Open in urlscan Pro
2606:4700:3035::6815:2e59 Public Scan

Screenshot
Live screenshot

Full Image

224
Requests

90 %
HTTPS

59 %
IPv6

24
Domains

39
Subdomains

39
IPs

7
Countries

4859 kB
Transfer

9776 kB
Size

28
Cookies

224 HTTP transactions
3 data transactions