imgsed.com Open in urlscan Pro
2606:4700:20::681a:a84 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://imgsed.com/
Effective URL:
https://imgsed.com/
Submission: On July 06 via manual (July 6th 2023, 11:04:50 pm UTC) from MX — Scanned from DE

Summary HTTP 166 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 29 domains to perform 166 HTTP transactions. The main IP is 2606:4700:20::681a:a84, located in United States and belongs to CLOUDFLARENET, US. The main domain is imgsed.com. The Cisco Umbrella rank of the primary domain is 264220.
TLS certificate: Issued by GTS CA 1P5 on June 6th 2023. Valid for: 3 months.

This is the only time imgsed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:4970	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:a84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:2600:a:e047:753:be1	() ()
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	54.171.151.8 54.171.151.8	16509 (AMAZON-02) (AMAZON-02)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
29	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6 16	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
5 9	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 5	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
2	65.109.120.242 65.109.120.242	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
14	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	54.93.206.198 54.93.206.198	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:d35e:e8d:e3dd:83f	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1 1	2.18.160.23 2.18.160.23	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3	65.21.233.19 65.21.233.19	24940 (HETZNER-AS) (HETZNER-AS)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:249... 2600:9000:2490:2e00:15:157b:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
166	37

1 2606:4700:20::ac43:4970 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

imgsed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:a84 (United States)

ASN13335 (CLOUDFLARENET, US)

imgsed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1.imgsed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:2600:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.151.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-151-8.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.80.39.216 (Canada) 5 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.215 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.109.120.242 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.120.109.65.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.229.233.6 (United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.206.198 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-206-198.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:d35e:e8d:e3dd:83f (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.233 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.21.233.19 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.233.21.65.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2490:2e00:15:157b:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)

img01.ztat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160 ade.googlesyndication.com — Cisco Umbrella Rank: 307	293 KB
33	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346 ad.doubleclick.net — Cisco Umbrella Rank: 184	293 KB
19	revjet.com ads.revjet.com — Cisco Umbrella Rank: 6778 cdn.revjet.com — Cisco Umbrella Rank: 7024 pix.revjet.com — Cisco Umbrella Rank: 6092	2 MB
15	demand.supply live.demand.supply — Cisco Umbrella Rank: 45237	36 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325	399 KB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 485	7 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	4 KB
5	imgsed.com 1 redirects imgsed.com — Cisco Umbrella Rank: 264220 s1.imgsed.com — Cisco Umbrella Rank: 699565	12 KB
4	ztat.net img01.ztat.net — Cisco Umbrella Rank: 28317	39 KB
3	gstatic.com www.gstatic.com	16 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88 ajax.googleapis.com — Cisco Umbrella Rank: 433	8 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	169 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102	7 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 633	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	1 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1531	316 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1002 bcp.crwdcntrl.net — Cisco Umbrella Rank: 959	12 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1623	306 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1653	1 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 857	338 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481	715 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 44074	611 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1401	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	879 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	87 KB
166	29

	Domain	Requested by
29	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com imgsed.com pagead2.googlesyndication.com 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com imgsed.com 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
16	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
15	live.demand.supply	imgsed.com live.demand.supply client
14	cdn.revjet.com	ads.revjet.com srcdoc
12	s0.2mdn.net	imgsed.com s0.2mdn.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
6	googleads.g.doubleclick.net	imgsed.com pagead2.googlesyndication.com 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	img01.ztat.net	srcdoc
4	7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	pix.revjet.com	srcdoc
3	www.gstatic.com	imgsed.com 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
3	www.googletagservices.com	imgsed.com 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
3	www.google.com	1 redirects tpc.googlesyndication.com imgsed.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	s1.imgsed.com	imgsed.com s1.imgsed.com
2	ad.doubleclick.net	1 redirects srcdoc
2	googleads4.g.doubleclick.net	imgsed.com
2	c1.adform.net	2 redirects
2	x.bidswitch.net	2 redirects
2	fonts.googleapis.com	7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com imgsed.com
2	ads.revjet.com	7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com ads.revjet.com
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	region1.google-analytics.com	www.googletagmanager.com
2	imgsed.com	1 redirects
1	ade.googlesyndication.com
1	ajax.googleapis.com	s0.2mdn.net
1	cs.media.net	1 redirects
1	onetag-sys.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	mug.criteo.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	imgsed.com
166	45

This site contains links to these domains. Also see Links.

Domain
sulvo.com

Subject Issuer	Validity	Valid
imgsed.com GTS CA 1P5	`2023-06-06` - `2023-09-04`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
img01.ztat.net Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://imgsed.com/
Frame ID: 1F3586FAE48B91C63FA719E3A32A8F26
Requests: 46 HTTP requests in this frame

Frame: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3CBE53EA38206F199BE8BC0ED2DB8642
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=imgsed.com
Frame ID: 3B11610ED4133C6117C9195B619E4453
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 36B9F11F745C3BFD4689C2EE5D8BF0A0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 59A6C4CCB7BBC81A8487010C019FE5B5
Requests: 2 HTTP requests in this frame

Frame: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A4E089C7AB873A6DFAFB0503FF60326A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOaY_-ABMAE&v=APEucNUbVFxNDKdwjZWXgTw_sCTaK8CDgIChovfd_DiC81eHPkZHM1IeknQDZzEFtk2BVvSxQzwvWonbcwg3MaF0zFCrVU2_lSbA6kgKcTnufCm4xkGwpmlxplnJ7pB_iPU5a2laYX1cCbskYMwKFabL5TeWYyIKAXgY7qwZntsso4YTUy9Dj3ijE_hTuJFIPoJOkbi7SZU6O5SvbZnzPGnsgd2xVDgncw
Frame ID: F4D0817BD2C96C346A0530961D54F830
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: B6B9554DD2543D044E4D5A9525B820BE
Requests: 17 HTTP requests in this frame

Frame: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D51766A970780BFAA5EB57998052C59D
Requests: 20 HTTP requests in this frame

Frame: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 468A37762B667C6B953D0B58CF809AD0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNWKymrOrMPUxrTCynhMVLHGpb-1hdNNgsTmSoTNtx3Whgc0ZBdACj0NUzpTcIC-ExwURvNIo5dyPLbf8AzVrPZyzoGZiMpfFH14CUpIJ5dZU3J69SENvnQKRJQqNuwfu7t9gU1_pXOzz68CIZCSwn5C7mk532QFlTpvtiL5fzk9H6eg6TQ0PTkGu9ykFvugqpGNTYRC22DVTYqhUIEbYVUFVHIcUw
Frame ID: F84CF6857AE48389C9E2FA76AF8951CD
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3246425B3511201F14892309FC8F3E4C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E17EF541C952BD142E68FDBC1DE2FE7A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F59398EF2265B286E2B45FB6B01219FC
Requests: 9 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
Frame ID: 50ADEE3A1B601D6D07BE898922FC3C8E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2B703B97DC0370CD081C7629820BD3B3
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 188BD5040723141CA02D3828066FE6BD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2ED28A01964DF6DD69B3A3559E5F9821
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=57Jm1Poihh&t=1&renderingType=2&ev=01_250
Frame ID: F4F0097809AC38533179CD7CE4B085D9
Requests: 14 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: C826A875A6805DD0A13B2AFC3EA8D0A3
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: A5469F2769EED3AAEB65098DDA5D90E7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

download instagram stories highlights, photos and videos online - imgsed.com

Page URL History Show full URLs

http://imgsed.com/ HTTP 301
https://imgsed.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

166
Requests

90 %
HTTPS

53 %
IPv6

29
Domains

45
Subdomains

37
IPs

7
Countries

3486 kB
Transfer

5943 kB
Size

28
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://sulvo.com/?utm_source=https://imgsed.com/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://imgsed.com/ HTTP 301
https://imgsed.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://gum.criteo.com/sid/json?origin=publishertagids&domain=imgsed.com&sn=ChromeSyncframe&so=0&topUrl=imgsed.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=KC8tZHxXMS9vNEtJR2cxRzMra0kvdnJJUHQ2RHJyZE5tdFYrTE9MOENaVHlyZmpFc2dXbjRBYmtiQ001K2I0YUQwaHN4dG5ZOU42bkw2M1dGRmd6OE83bERJUGpudTZoTDVqdEc5WDlCcEs4NURFUmttWm82RW9LQnlBblQreDVweHg5L1RobzI4VlM5NDQ0OUZ6R1dDRWdDTzltVGI0eG9uVUVPd0NjeFN2cndTd05WTi9VMnl2MUljMDNUMnNmNTh5VVBhSnpvU2ZwZmE4Wk5zLzFVc1FnZEZtUG15eWNlSm9EYmVYUGRWYVk0ZUVza3V0YWl0VWpyNDhiV0JSeVNqZHJuL0d6U1FJc3FtYmlvRE00VVl6TUw1QT09fA&cppv=2

Request Chain 55

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgEMkCsuIwiOxloQaMdusE&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgEMkCsuIwiOxloQaMdusE&google_cver=1&C=1

Request Chain 56

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKdIjcffcAXcOwWGZoJb-QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOf4tE27IbjH3Wl_ndNuIb4&google_cver=1

Request Chain 57

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDjUvMCfiLHqN8cH3RBppZA&google_cver=1

Request Chain 58

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MzQ2MTM0MDAyNjE5MDgwMQ%3D%3D

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOf4tE27IbjH3Wl_ndNuIb4&google_cver=1

Request Chain 81

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKdIjcffcAXcOwWGZoJb-QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOf4tE27IbjH3Wl_ndNuIb4&google_cver=1

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMxqIcR8cvyUGWCTD_B8nkw&google_cver=1

Request Chain 83

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MzQ2MTM0MDAyNjE5MDgwMQ%3D%3D

Request Chain 104

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAVImKm_uh9uIBfodB8e3Fc&google_cver=1&google_push=AaAOQGEXSiRzRlWLCmS5Nn9GQmNAhiezPj7-NV_c-H-WV34wa2SB1lYyr9s49W2WjkC6vqU-fKQigXbVk3HexF8FgvLFsSotvXRmSA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEXSiRzRlWLCmS5Nn9GQmNAhiezPj7-NV_c-H-WV34wa2SB1lYyr9s49W2WjkC6vqU-fKQigXbVk3HexF8FgvLFsSotvXRmSA&google_hm=r_Beu7sfQFuaBCO11oIfFkg

Request Chain 105

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECGrGdmrpMk8O1Daxr3auno&google_cver=1&google_push=AaAOQGEIOt1t4_si-YtYL4dyrOHGgZ_MhxQiJZeoQlD2lcDl5SNvwOMsbd7xlJCVNbPoQ3lPsnnb2SUXEZpncrQByKkoz-GMyChtmA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECGrGdmrpMk8O1Daxr3auno&google_cver=1&google_push=AaAOQGEIOt1t4_si-YtYL4dyrOHGgZ_MhxQiJZeoQlD2lcDl5SNvwOMsbd7xlJCVNbPoQ3lPsnnb2SUXEZpncrQByKkoz-GMyChtmA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEIOt1t4_si-YtYL4dyrOHGgZ_MhxQiJZeoQlD2lcDl5SNvwOMsbd7xlJCVNbPoQ3lPsnnb2SUXEZpncrQByKkoz-GMyChtmA&google_hm=ChO9SfcDTFypst69G4Zerg==

Request Chain 106

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP71zQw_-8mB4is-9UKyR3U&google_cver=1&google_push=AaAOQGECw6pMYKLg5v-rOr43wfDjxyLbI9JUo_-JqwuLk7RbxKtXmTqVwdEanosRNS2ZT72LnqReu56gL3c01eXwTW71ur6qD4FXfQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGECw6pMYKLg5v-rOr43wfDjxyLbI9JUo_-JqwuLk7RbxKtXmTqVwdEanosRNS2ZT72LnqReu56gL3c01eXwTW71ur6qD4FXfQ&google_hm=eS1YQmU0NXZaRTJwRUlMd21LQWw1VHIySWRHWS56a2psVn5B

Request Chain 107

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEcXInIVXErDMhjRYTcLFpQ&google_cver=1&google_push=AaAOQGEmnPuU8jiKgo939yf0WkfQnqZFgFUnu_j64d1tUGpPC53mtCkFAzkQPPl8pa2Wu_Yykv381yuACMIBOJgG2M-VxHGLdxlf HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEcXInIVXErDMhjRYTcLFpQ&google_cver=1&google_push=AaAOQGEmnPuU8jiKgo939yf0WkfQnqZFgFUnu_j64d1tUGpPC53mtCkFAzkQPPl8pa2Wu_Yykv381yuACMIBOJgG2M-VxHGLdxlf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM1MjI0NjY4MzQ0MDM0NDc0OA&google_push=AaAOQGEmnPuU8jiKgo939yf0WkfQnqZFgFUnu_j64d1tUGpPC53mtCkFAzkQPPl8pa2Wu_Yykv381yuACMIBOJgG2M-VxHGLdxlf

Request Chain 108

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOFPi_nAU1PV0OuySfm9tJI&google_cver=1&google_push=AaAOQGHwyq6sXFM7cuaZcPSvHf1qZKcYTnv72KofyNCadc8JkXJw_rMnUCrU4IiHrV4kchNRQxmZl98TminzSHqVVPIhXD8pRKJLjg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOFPi_nAU1PV0OuySfm9tJI&google_hm=ZKdIjcffcAXcOwWGZoJb_QAACIMAAAIB&google_nid=index&google_push=AaAOQGHwyq6sXFM7cuaZcPSvHf1qZKcYTnv72KofyNCadc8JkXJw_rMnUCrU4IiHrV4kchNRQxmZl98TminzSHqVVPIhXD8pRKJLjg

Request Chain 109

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEILvJ8_WtyhudFy8PtQCCtU&google_cver=1&google_push=AaAOQGEpb4XWgp1akRPmodHvVAxmy4CYOsSq7-3e2kn7jswo9-6tWUBjj31NQwyCc3BDHamUr0nSZExdb1xsBELWfXtfpD3OycaUaQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEpb4XWgp1akRPmodHvVAxmy4CYOsSq7-3e2kn7jswo9-6tWUBjj31NQwyCc3BDHamUr0nSZExdb1xsBELWfXtfpD3OycaUaQ

Request Chain 110

https://cs.media.net/cksync?type=g&google_gid=CAESENkeOrOGyQDLuMx1ZP_GYK0&google_cver=1&google_push=AaAOQGE4A4IbzdvZjdA0aGuJe9CgDpGgzz2nQrGul7IVyl7h65cgF6ZlM-iqUEATCpKjXjppJwc3UlOB7ujZPRzMbld-ezJiPKcouQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMxNjg2Mjg1NTQyODAxOTAwMFYxMA%3d%3d&mn_hm=MzMxNjg2Mjg1NTQyODAxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AaAOQGE4A4IbzdvZjdA0aGuJe9CgDpGgzz2nQrGul7IVyl7h65cgF6ZlM-iqUEATCpKjXjppJwc3UlOB7ujZPRzMbld-ezJiPKcouQ&gdpr=&gdpr_consent=

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 135

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29260104.357506718;dc_trk_aid=548432028;dc_trk_cid=185777352;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1688684685590 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29260104.357506718;dc_pre=CM212taY-_8CFX3huwgdt4cNGg;dc_trk_aid=548432028;dc_trk_cid=185777352;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1688684685590

166 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
imgsed.com/
Redirect Chain

http://imgsed.com/
https://imgsed.com/

2 KB
1 KB

39ms
20ms

Document
text/html

2606:4700:20::681a:a84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c42ddaed229b1caa0741ddec7f4c9c01290181340be05b3cfd604274f61a9f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7743
cache-control: public, max-age=10800, immutable
cf-cache-status: HIT
cf-ray: 7e2b7d0b0f273733-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 06 Jul 2023 23:04:44 GMT
last-modified: Thu, 06 Jul 2023 20:08:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88KZxaKQ%2BEIONDjIJAVm%2Fa9z%2BxRJA0o9uz4KDvFB4CGrnFgN9VY2q9CVap0zuV2Me%2F75Pz0sFpV1Z5mBhMU%2FM6hUoZ673cRxdmaU4AYFgmGjVY8XyJ8M4mYZeJOahlsu%2BaLjca6jyzw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache-status: MISS

Redirect headers

CF-RAY: 7e2b7d0adae430f0-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 06 Jul 2023 23:04:43 GMT
Expires: Fri, 07 Jul 2023 00:04:43 GMT
Location: https://imgsed.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0MB%2FJvlu5kAKC4xkQoBXehLe4g9YaWV%2FmwVdDr%2FXTGw80ldSTfFw1ujw2gq2dP2EMejet7krUX3mSKU1yIyxqLufxK9Kglpl74VOxIXTFfnRgMDJVbb5GH0HnEcxJKaS4Yh%2F1hQfBU%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 234ms
203ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ad7a6ebc65f50be550d91641cfe15b7254b9104f1249d563f46b86239f8e7cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H4KYQHPRQQAGWVFGAK9SR9QV
date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 261
cf-polished: origSize=4392
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"6021e99c7411c68b8e8b55620fae898b-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7e2b7d0b69a5bb7d-FRA
link: <https://live.demand.supply/impl.v17.3.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-10-0/aW1nc2VkLmNvbS8=>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 art.css
s1.imgsed.com/css/ 36 KB
7 KB 29ms
17ms Stylesheet
text/css 2606:4700:20::681a:a84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.imgsed.com/css/art.css?v55
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e4e373f4167005839c72e26952891eba5fbbec3250545b7ec8e73ecddef6427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Jun 2023 10:18:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 637516
etag: W/"648ed9dd-8e70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNx9RvEilwtsLJ7zRZcZCDnt39GpYYzCS5srJYdXDN%2BrrWOyfCul3j1bD9ofpyytHKmIxq%2BDzSFUAFhvRyYwIubDB%2Blgq6nsNx0po%2BMCYhdWX6RY%2B39WDfif2nQsbdp6PRO21xxBk%2FlaZpk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7e2b7d0b4f523733-FRA
expires: Sat, 29 Jul 2023 13:59:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 39ms
15ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

408afa58b93f8281d0c4cb354143741cd05c472bc22a9a66ac46c979767ca14d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88711
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 23:04:44 GMT

GET
H2 200 art.js Show response
s1.imgsed.com/js/ 7 KB
3 KB 29ms
18ms Script
application/javascript 2606:4700:20::681a:a84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.imgsed.com/js/art.js?v55
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e3cc0306c5e291e93725cb4ff8c0ce369b3b31cb6f21975fd390c202de05b55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Jun 2023 01:59:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 637516
etag: W/"649ce58a-1b87"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mA1US%2F35y6gSoux25ZbRGxZkxMtyvCsproQV311QuSNFBJaFKAtQurqDp4BOCAE%2FV9smUFdk10E57gw4o7rqlepVATfVnSYyK6Wr8RtOL%2B9o56RhOcaNc7bBNyEB8ikPW5kpsOSndlKVhY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7e2b7d0b4f543733-FRA
expires: Sat, 29 Jul 2023 13:59:07 GMT

GET
H2 200 search1.png
s1.imgsed.com/img/ 332 B
749 B 17ms
16ms Image
image/webp 2606:4700:20::681a:a84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.imgsed.com/img/search1.png
Requested by: Host: s1.imgsed.com
URL: https://s1.imgsed.com/css/art.css?v55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22c15261262c5e2f2a66b8f7569c0dd504f21a19e0c7c98a5144c2278c72c666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/css/art.css?v55
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 627294
cf-polished: origFmt=png, origSize=828
content-disposition: inline; filename="search1.webp"
content-length: 332
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Dec 2022 12:10:31 GMT
server: cloudflare
etag: "63ac3237-33c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ArUxCkSW6PQgeh%2BtLy412KL1cDE8WdtiKAc3UkKC9fKt19dlIigkk2a2oI59K7tjvQ3uss%2Bdss6OBpiWB8P5mGNZoUk0vIl9ZeqFPtQDhX5pUz%2BG5jb2g1K%2B1BDrIWzqUmzPPbjmLQn6Wc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e2b7d0b8f843733-FRA
expires: Sat, 29 Jul 2023 13:59:07 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 37ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GC2VPDBYKB&gtm=45je3750&_p=1486102449&cid=46655867.1688684684&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688684684&sct=1&seg=0&dl=https%3A%2F%2Fimgsed.com%2F&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20imgsed.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.v17.3.0.js Show response
live.demand.supply/ 80 KB
26 KB 19ms
18ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.3.0.js
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a043fd2fb8be3f7496f2ca5258f6504d79437023826467ee73257cad79a3e9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H4KYQDME7C7GCS1EXTRVA5JT
date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 92777
cf-polished: origSize=81625
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"c8bfaf9ee0599692bdd5c65c856d41d3-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7e2b7d0cbab1bb7d-FRA

GET
H2 200 aW1nc2VkLmNvbS8= Show response
live.demand.supply/p4/v16-10-0/ 2 KB
804 B 139ms
139ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-10-0/aW1nc2VkLmNvbS8=
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec023bb271d17a1b5874a5b61b49df8c826120c5a9615e93f459de02467f0f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7e2b7d0cbab3bb7d-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
516 B 27ms
16ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=235&cs=c&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H29KBJJ16YQ2J0YTHRE5VTF3
date: Thu, 06 Jul 2023 23:04:44 GMT
cf-cache-status: HIT
age: 2452876
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "184c2b34ff0390c3de60fb1a3213ee4f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7e2b7d0cccf2371c-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 133ms
83ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ff56958f06c99fce8ff7005a2b3d21df6e79c9cf094602c51d602cfe3c861cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26095
x-xss-protection: 0
server: cafe
etag: 236 / 19544 / 31075788 / config-hash: 154671031251390638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 23:04:44 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
587 B 100ms
91ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H29KBJRSR5NR9XSEB7STFRCC
date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2452876
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7e2b7d0cccf3371c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 imgsed.com_fluid_sq_index Show response
live.demand.supply/cp/ 30 B
374 B 213ms
212ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/imgsed.com_fluid_sq_index?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9998e14fdc96c5fa06da51ff7ffad6b49277b9042a8eccfb729df6fe16d22d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7e2b7d0ced0c371c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 imgsed.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 29 B
372 B 291ms
290ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/imgsed.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86943d8d1bb51d5d23e6b00f8c2343a6d92ae1a1b644595526d6f22da666f84f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7e2b7d0d9dc0371c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/ 391 KB
125 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 14:54:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29413
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127464
x-xss-protection: 0
server: cafe
etag: 4704578582152062329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Jul 2024 14:54:31 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 50ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imgsed.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 67ms
7ms Script
text/javascript 2600:9000:2250:2600:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2600:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
Date: Thu, 06 Jul 2023 05:33:17 GMT
Via: 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 63088
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: SKTT1YdvhM936oXtlYhNQl9gV7Y65s8smrmIquWz1ra5fzP0njrXlA==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 70ms
30ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jun 2023 05:28:55 GMT
server: nginx
etag: W/"649d1697-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Jul 2023 23:04:44 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 46ms
6ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 03:04:07 GMT
content-encoding: gzip
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 77942
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: yBXY4Sm32_ipf83e88bYyEUHgQ4epEa0PczxOuxYpFVtNtntwr8qkw==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 53ms
17ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: 7K31B1SBF214GTBQ
age: 2854
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e2b7d0e79c71e5e-FRA
x-amz-id-2: e3bzHDxJ/gGu3jgSwzlpMAnHxVi64l2r1kEpNHmt8TNQGwqCCSRzYsoGG4zoKvdKxOzYBUf19Bs=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
879 B 42ms
7ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jul 2023 23:04:44 GMT
x-content-type-options: nosniff
content-encoding: br
age: 42292
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230052-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 57ms
23ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
via: 1.1 google, 1.1 google
last-modified: Wed, 05 Jul 2023 19:08:57 GMT
server: Google Frontend
etag: 6c49a4094d9a446bdc7fe3d19d23b4c7
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 3a3c33942e5ddab26f06a0e709787e24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
939 B 230ms
229ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=79791806021982&correlator=1946023185471130&eid=31075788&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C5b1fcc9a-8fd7-4f9e-af23-7e840d87b75d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=3557535414&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3De3059217-b83a-4a72-aedf-09b9a45041ce%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D7%26bid-p%3Dgoogle%26bsc%3D85&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1688684684518&lmt=1688674121&dlt=1688684684032&idt=441&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=46655867.1688684684&ga_sid=1688684685&ga_hid=1486102449&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3snN65IxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjeyc3rkjFIAFICCGQSGQoKcHViY2lkLm9yZxjeyc3rkjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y3snN65IxSABSAghkEhcKCHJ0YmhvdXNlGN7JzeuSMUgAUgIIZBIZCgp1aWRhcGkuY29tGN7JzeuSMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f68674f67bdaf992f031056f35548b0396c08515bf72a664ff3338a5047188c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 908
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3CBE 6 KB
3 KB 82ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 23:04:44 GMT
expires: Fri, 05 Jul 2024 23:04:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/ 37 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl_page_level_ads.js?cb=31075788

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cc0b563084ab3f3f982828651c83e32b01aacaeecca60f0edffbf4e29905218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 11:37:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41262
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13139
x-xss-protection: 0
server: cafe
etag: 4037606220920726119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Jul 2024 11:37:02 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 17ms
16ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_fluid_sq_index&pdc=0.43614764213562013&ucv=null&e=tcp&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H29KBJJ16YQ2J0YTHRE5VTF3
date: Thu, 06 Jul 2023 23:04:44 GMT
cf-cache-status: HIT
age: 2452876
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "184c2b34ff0390c3de60fb1a3213ee4f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7e2b7d0e6e63371c-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
11 KB 314ms
312ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=79791806021982&correlator=1413425058677627&eid=31075788&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C9e1762e5-f19c-4938-8d9d-60bcfa7404f5&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=500x280&ifi=2&adks=3709393554&sfv=1-0-40&prev_scp=ti%3De3059217-b83a-4a72-aedf-09b9a45041ce%26chrand%3Dy%26pof%3D0%26bid%3D0.29%26bid-p%3Dgoogle%26bsc%3D85&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1688684684549&lmt=1688674121&dlt=1688684684032&idt=441&adxs=550&adys=298&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=500x296&msz=500x296&fws=0&ohw=0&ga_vid=46655867.1688684684&ga_sid=1688684685&ga_hid=1486102449&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3snN65IxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjeyc3rkjFIAFICCGQSGQoKcHViY2lkLm9yZxjeyc3rkjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y3snN65IxSABSAghkEhcKCHJ0YmhvdXNlGN7JzeuSMUgAUgIIZBIZCgp1aWRhcGkuY29tGN7JzeuSMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f677559c133d513477065c1a57e330133c78de2ab3764bee9fbcff66cf4003b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11570
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 103ms
29ms XHR
application/json 54.171.151.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.151.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-151-8.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 711f0ff955b5c099eeacbdcf9196f85a99ca98ea4508d7dc90862426de86fb27

Request headers

Referer: https://imgsed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:44 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://imgsed.com
cache-control: no-cache
x-server: 10.45.16.235
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
316 B 23ms
21ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: c31c654dfc6b26904c0c9c4c4f624283f699e0db6d4fdaa5cde0d74b29c034e1

Request headers

Referer: https://imgsed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 2d2dfaafc3cddfc7d25e9f3bf8fadf8e
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 57ms
22ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://imgsed.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://imgsed.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 06 Jul 2023 23:04:44 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 362b31713b78f61a699e19f777b3c7ff

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
319 B 40ms
7ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://imgsed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://imgsed.com
date: Thu, 06 Jul 2023 23:04:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3B11 15 KB
6 KB 43ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=imgsed.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 23:04:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 298501
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3B11
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=imgsed.com&sn=ChromeSyncframe&so=0&topUrl=imgsed.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=KC8tZHxXMS9vNEtJR2cxRzMra0kvdnJJUHQ2RHJyZE5tdFYrTE9MOENaVHlyZmpFc2dXbjRBYmtiQ001K2I0YUQwaHN4dG5ZOU42bkw2M1dGRmd6OE83bERJUGpudTZoTDVqdEc5WDlCcEs4NURFUmttWm82RW9LQnlBbl...

419 B
646 B

102ms
19ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=KC8tZHxXMS9vNEtJR2cxRzMra0kvdnJJUHQ2RHJyZE5tdFYrTE9MOENaVHlyZmpFc2dXbjRBYmtiQ001K2I0YUQwaHN4dG5ZOU42bkw2M1dGRmd6OE83bERJUGpudTZoTDVqdEc5WDlCcEs4NURFUmttWm82RW9LQnlBblQreDVweHg5L1RobzI4VlM5NDQ0OUZ6R1dDRWdDTzltVGI0eG9uVUVPd0NjeFN2cndTd05WTi9VMnl2MUljMDNUMnNmNTh5VVBhSnpvU2ZwZmE4Wk5zLzFVc1FnZEZtUG15eWNlSm9EYmVYUGRWYVk0ZUVza3V0YWl0VWpyNDhiV0JSeVNqZHJuL0d6U1FJc3FtYmlvRE00VVl6TUw1QT09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3cc62913b878e5cbea95cd367b985c05b1855cf420761a02ced5ad1cc3519436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1210366
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=KC8tZHxXMS9vNEtJR2cxRzMra0kvdnJJUHQ2RHJyZE5tdFYrTE9MOENaVHlyZmpFc2dXbjRBYmtiQ001K2I0YUQwaHN4dG5ZOU42bkw2M1dGRmd6OE83bERJUGpudTZoTDVqdEc5WDlCcEs4NURFUmttWm82RW9LQnlBblQreDVweHg5L1RobzI4VlM5NDQ0OUZ6R1dDRWdDTzltVGI0eG9uVUVPd0NjeFN2cndTd05WTi9VMnl2MUljMDNUMnNmNTh5VVBhSnpvU2ZwZmE4Wk5zLzFVc1FnZEZtUG15eWNlSm9EYmVYUGRWYVk0ZUVza3V0YWl0VWpyNDhiV0JSeVNqZHJuL0d6U1FJc3FtYmlvRE00VVl6TUw1QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 273805
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 78ms
55ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc5e802de0e2a4aaef62bbdd4afad1afd8f0f31e03d273f00e20af23e548f566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11972
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 15ms
14ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_728x90_sticky_display_bottom&pdc=0.1807600200176239&ucv=null&e=tcp&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H29KBJJ16YQ2J0YTHRE5VTF3
date: Thu, 06 Jul 2023 23:04:44 GMT
cf-cache-status: HIT
age: 2452876
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "184c2b34ff0390c3de60fb1a3213ee4f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7e2b7d0f7f87371c-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 24ms
23ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H4B84TTR0HYCCB4BQBXB73YW
date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 141887
etag: W/"c7e963c0d989e2de7e1130bf3281bc3e-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7e2b7d0f7bd9692b-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
480 B 86ms
85ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=imgsed.com_auto_728x90_sticky_display_bottom&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H29KBJRVEDSPGQZZKHKY1NNQ
date: Thu, 06 Jul 2023 23:04:44 GMT
cf-cache-status: HIT
age: 2452876
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "184c2b34ff0390c3de60fb1a3213ee4f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7e2b7d0f7f90371c-FRA

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 18ms
17ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imgsed.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 319ms
318ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=79791806021982&correlator=1286717006653801&eid=31075788&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C840219cb-19cc-4356-9a61-e5772cde584b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&adks=1184291071&sfv=1-0-40&prev_scp=ti%3De3059217-b83a-4a72-aedf-09b9a45041ce%26chrand%3Dy%26pof%3D0%26bid%3D0.12%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D85&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1688684684726&lmt=1688674121&dlt=1688684684032&idt=441&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=46655867.1688684684&ga_sid=1688684685&ga_hid=1486102449&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3snN65IxSABSAghkEhkKCnB1YmNpZC5vcmcYkMrN65IxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN7JzeuSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFMYjZyeDYvMkNIUWErNVppNGZ0UXZ0eUM2TnJ2VUpvWkpXaXphYWcrRi9yTWk4dFBndFAzeWo5Mm1UUHlORjdyd1NpVjI3VWZkZ3pKNnBEajB5RGJFZDFURHpGTHVwbTEwNFpoMmU0Z21ZQVpBU1h3RU9LdzkxQklWSUMzQXJyYTA0YkJkWkhlbUJsOEFBTy9weGZ3U1dNQWUvcWlzQW9QT2xRQld1RUlxMG89GPrKzeuSMUgAEhkKCnVpZGFwaS5jb20Y3snN65IxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjmys3rkjFIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3327bbcd4f16454be530a83515a35aaa91cd8efd001ca4b77194eff3ba84fc53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10100
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 58ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 23:04:44 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 88ms
87ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&e=nai&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H29KBJJ16YQ2J0YTHRE5VTF3
date: Thu, 06 Jul 2023 23:04:44 GMT
cf-cache-status: HIT
age: 2452876
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "184c2b34ff0390c3de60fb1a3213ee4f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7e2b7d0fdfe0371c-FRA

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imgsed.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 164 KB
48 KB 291ms
290ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=79791806021982&correlator=1069011887008426&eid=31075788&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2Ccd5f0bdc-b9a1-47ac-a657-60582e930ab9&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&adks=1021207636&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3De3059217-b83a-4a72-aedf-09b9a45041ce%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D85&eri=1&sc=1&cookie=ID%3D1f78c4b6941aa5cb%3AT%3D1688684684%3ART%3D1688684684%3AS%3DALNI_MbFeXBcLxKyYxetw0RwR6nlJey2fQ&gpic=UID%3D00000ca36782e4be%3AT%3D1688684684%3ART%3D1688684684%3AS%3DALNI_MZnvnJIWDu2x63LdXqLmyaUf8GT1g&abxe=1&dt=1688684684784&lmt=1688674121&dlt=1688684684032&idt=441&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=46655867.1688684684&ga_sid=1688684685&ga_hid=1486102449&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3snN65IxSABSAghkEhkKCnB1YmNpZC5vcmcYkMrN65IxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN7JzeuSMUgAUgIIZBLCAQoIcnRiaG91c2USrAFMYjZyeDYvMkNIUWErNVppNGZ0UXZ0eUM2TnJ2VUpvWkpXaXphYWcrRi9yTWk4dFBndFAzeWo5Mm1UUHlORjdyd1NpVjI3VWZkZ3pKNnBEajB5RGJFZDFURHpGTHVwbTEwNFpoMmU0Z21ZQVpBU1h3RU9LdzkxQklWSUMzQXJyYTA0YkJkWkhlbUJsOEFBTy9weGZ3U1dNQWUvcWlzQW9QT2xRQld1RUlxMG89GPrKzeuSMUgAEhkKCnVpZGFwaS5jb20Y3snN65IxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjmys3rkjFIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5d5578e874a7a47d7a76e7293f2186225aba110c6ba7e33f2f9abad23c1f12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49248
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 36B9 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 20:56:23 GMT
expires: Fri, 05 Jul 2024 20:56:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 59A6 783 B
1 KB 63ms
20ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6bbcef4b5fa793a318f191a371b18449227add2dfee0fa770d7be911149cc408

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IKNk0Wut9ejFCiGY04Bysg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-IKNk0Wut9ejFCiGY04Bysg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 23:04:44 GMT
expires: Thu, 06 Jul 2023 23:04:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 36B9 37 KB
14 KB 38ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 19:25:45 GMT

GET
H2 200 container.html Show response
7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A4E0 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 23:04:44 GMT
expires: Fri, 05 Jul 2024 23:04:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 15ms
15ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.29&b=2&r=imgsed.com_fluid_sq_index&sy=b542b38c-f0d4-4a0c-993b-7a9aad2e104a&ts=85&cd=2&pud=235&pus=c&pue=313&pid=22&pis=c&pie=335&ppd=141&pps=a&ppe=454&pcl=142&ttc=584&tti=953&ttif=0&lca=454&lcak=ppe&lct=454&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imgsed.com&mlre=undefined&mlin=0&mlsi=500x280&mlbw=4g&mlcs=NaN&mltp=e3059217-b83a-4a72-aedf-09b9a45041ce&e=lm&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H29KBJJ16YQ2J0YTHRE5VTF3
date: Thu, 06 Jul 2023 23:04:44 GMT
cf-cache-status: HIT
age: 2452876
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "184c2b34ff0390c3de60fb1a3213ee4f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7e2b7d10b912371c-FRA

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 59A6 0
0 40ms
40ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306290101&jk=79791806021982&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F4D0 624 B
534 B 23ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOaY_-ABMAE&v=APEucNUbVFxNDKdwjZWXgTw_sCTaK8CDgIChovfd_DiC81eHPkZHM1IeknQDZzEFtk2BVvSxQzwvWonbcwg3MaF0zFCrVU2_lSbA6kgKcTnufCm4xkGwpmlxplnJ7pB_iPU5a2laYX1cCbskYMwKFabL5TeWYyIKAXgY7qwZntsso4YTUy9Dj3ijE_hTuJFIPoJOkbi7SZU6O5SvbZnzPGnsgd2xVDgncw

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 23:04:44 GMT
expires: Thu, 06 Jul 2023 23:04:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B6B9 78 KB
27 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 23:04:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame B6B9 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 20:54:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame B6B9 20 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:19:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B6B9 179 KB
57 KB 46ms
16ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 23:04:45 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B6B9 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DDiTR4enMA7b7lAkJFVwyUos4BvMyDVLGN43IkkLlJDH52w5BeLYj68VKB9oHFp_RmRq9fxnv3L5_bAYvXYHEnHQdjPgb3YZ1rBVkceDYpx9m0-LA

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B6B9 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6640625129260488213&x=1&ct=77

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F4D0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgEMkCsuIwiOxloQaMdusE&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgEMkCsuIwiOxloQaMdusE&google_cver=1&C=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgEMkCsuIwiOxloQaMdusE&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOaY_-ABMAE&v=APEucNUbVFxNDKdwjZWXgTw_sCTaK8CDgIChovfd_DiC81eHPkZHM1IeknQDZzEFtk2BVvSxQzwvWonbcwg3MaF0zFCrVU2_lSbA6kgKcTnufCm4xkGwpmlxplnJ7pB_iPU5a2laYX1cCbskYMwKFabL5TeWYyIKAXgY7qwZntsso4YTUy9Dj3ijE_hTuJFIPoJOkbi7SZU6O5SvbZnzPGnsgd2xVDgncw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 23:04:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 23:04:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEOgEMkCsuIwiOxloQaMdusE&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F4D0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKdIjcffcAXcOwWGZoJb-QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOf4tE27IbjH3Wl_ndNuIb4&google_cver=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOf4tE27IbjH3Wl_ndNuIb4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOaY_-ABMAE&v=APEucNUbVFxNDKdwjZWXgTw_sCTaK8CDgIChovfd_DiC81eHPkZHM1IeknQDZzEFtk2BVvSxQzwvWonbcwg3MaF0zFCrVU2_lSbA6kgKcTnufCm4xkGwpmlxplnJ7pB_iPU5a2laYX1cCbskYMwKFabL5TeWYyIKAXgY7qwZntsso4YTUy9Dj3ijE_hTuJFIPoJOkbi7SZU6O5SvbZnzPGnsgd2xVDgncw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 23:04:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOf4tE27IbjH3Wl_ndNuIb4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F4D0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDjUvMCfiLHqN8cH3RBppZA&google_cver=1

43 B
843 B

7ms
7ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDjUvMCfiLHqN8cH3RBppZA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOaY_-ABMAE&v=APEucNUbVFxNDKdwjZWXgTw_sCTaK8CDgIChovfd_DiC81eHPkZHM1IeknQDZzEFtk2BVvSxQzwvWonbcwg3MaF0zFCrVU2_lSbA6kgKcTnufCm4xkGwpmlxplnJ7pB_iPU5a2laYX1cCbskYMwKFabL5TeWYyIKAXgY7qwZntsso4YTUy9Dj3ijE_hTuJFIPoJOkbi7SZU6O5SvbZnzPGnsgd2xVDgncw

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
an-x-request-uuid: 2f79f2b8-cf04-466f-9604-29c6fd3d3bd5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.72; 45.141.152.72; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDjUvMCfiLHqN8cH3RBppZA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F4D0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MzQ2MTM0MDAyNjE5MDgwMQ%3D%3D

170 B
244 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MzQ2MTM0MDAyNjE5MDgwMQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
an-x-request-uuid: 356fb4e5-1ecf-42f1-a815-257cd2063de3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MzQ2MTM0MDAyNjE5MDgwMQ%3D%3D
x-proxy-origin: 45.141.152.72; 45.141.152.72; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B6B9 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2674161370103&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B6B9 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2674161370103&version=m202301230201&ct=77&x=1&cor=6640625129260489000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B6B9 29 KB
17 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BwWK1ZotguggHyLxhpiSpXVtQ1991GEUJ9b_5X_GwNeU_fabtJekGPGm_oQ8WCoKDQHSIKJj3fNr77EYvg2XwA7HMPEXwG8I49k0aGv5GvsmXvpZzRX5jtWCvIQvbaZJt4Vu-67DIoQgOzBspmeThUuWQSq8buc7VvUKexRz604qqMNWg&cry=1&dbm_d=AKAmf-BAKuMCKvDgnTc7zagNpEdkDTsBe-XejVxQ6oDELjl8umtdFLtsXsfCp1VIy_GdoZ57DTMQU6c6vwfXNQuzpak4ZZ095SV6zvFc3sVF6RLBor7114cHB8cIG7ppFq5CB-_3L1CaEODP6mSbUWEGCvnyRbScOgRjyoJcOEg8QDJwn6pw_0ozh68AnB1WfCxPEdvPd7XCk7ZtudGFy-KoVnvbBaI4az3PZWAa--1Qbg0Y0wQ4OqvGXOhe6yZGmOyepgvMp6AxjbkFgWJAMUbw2WGaO8CzUnM6wX1czpLdS6e7N1Q20tdWEftdqn1Ea97s8UC-ymHGRVXLrlMFTcngjNdcAJLFcjf0xfJ5EOEWYrPKQ-7JlURz1UoFzB0JMNjkgO0ELIF_ZZUNgW-g3yhp6b9SjBVlC2_XOpBv8eemjCSB8xnZEXuL9WypMEb0M4qX7olS1tptu1OVEx9lRh8pkrJtvW-UlgMcB4uBEkiwPRnmexcg1HnjZLhNZ18nCUq1_Ev3Dpv4C5KOSR4SAwWLuEJn47nzlO6WG5iIBv2NEGR5F4vKSJ0Sr1gI-ih7F2NSClZ71O0yAnZnlBpVVdkuH2wGiL_qfpyCrHvuzs84GMF2mBzLWs93dkQri-IK3Ie24uLmR6JGr31WrNzeXvFCQ7b4hpdnil3DrBSReziTi1aFnXLAHLeKTgP1U7fuWsdxz9hpwuuhO0DWKhkb9jIFqxC2KEXkSQD2LLSGanptEAy_BHFMe2uR4u_LB1m-UOvUIq--8w7_kFXubXuJedmKlGD4PypVmCEJIwdl-npAEdRQ8ODBlORFaXaTfYS83qGX5LQaUpOq-Vq5_ypXEWu7lID_32iuvhMoMGDXytBSTADhIDr0xHtgOg0YbUbdNeYxEVH2A6Pl_CwQ12Kt6asCVhymrXZzcjkdmN4VF-5FYh0m0rblTq2RalVidmPiU4_FGvIFEMk1RfQ-QoM10EgGNr5XT9UCRX3iWdJ1CncbvJUjX5CLBUFk_pjgZap2sTW0Pa44-vessazH8EowsQvsNS0c4Emrn1G5p5aq0RfRTkdqyrO1UR-aZHiOTstCYplU9lzZ5Wx27DddCW6sLWKMohAaVBOFLNBe_EZxulPGwH-a-kzd_QnSUyfXVcv-R0YL7Q2-MKTBpObIln2DPVxykkl8afcFKPmLGtkKjGLExqfmg-Mah9boy6bzpR5TfnJ7j-akFD4mMkRpEcAcbX_rvR6zZCjScEFIxr6rEZV5VbB8m939sdl11X6UouiPxWPLSDxuGapHHstGV5-3P8kmEP605D6xITqLE8pRylZgpdXLV3c20ECse0cNDMdZa-4LiX0TTozXNMmggF49r0pNdFCUn856mGynaQ-J9Gfe6mtMQjoJmC3krSDFzKhZhYIbUWDd0NXDw4xI1J-qjfSnstdcOG6rt1eUd9HIgtq0mH_c5iiaXfKjqOog0LpsnfZwYQmg0MvJwHCapHLsofFs2C0lcX4CxaA08eWn4b7XGIohJy-AHKA98u6-W6CfVqyeKFV9FzdMl3Sa1VaKvqT4oR900mpI0JPWnM8o2vgDIknnfpI9DkHj8_w_oUhRZeCSVeshDLOkp6Y1Fm1pLaZoTAwW1gtFnTKwXTqsDd5M5E_wLCJ92TJNSziNZbk16jAPFg6t1t-xGQiO2z6JaxFHUIOyZTyUVd_95DqA-aM50WblZtV8k3hRqmRDc6BT6GBWgj3jna0PrQ9J2x9ej8UDb6b31lzVMUL-Gmll_PVNI0DSR2wXDvlyEHRWSWL2GGohB-qSYzbHPMK0i8JvLgLJtp-GxHIHBb-CBdYFgjsOZtLP5Bw4LKSUHo5e-cP7-K42yKwsqSC0fu_373XUp0E0K95HqBgoIbVG58ggBLd8_8_zyi_jEXZ7dlTwCvhY9dXHGhyNvbpNl-VMCpa42OqTFoStfSAVEoo1LwMps02upV6fNoIAux398FiMLn5EUI0cFx9gwuezAlIudNk9NgloDnb0566o0d4DxNGxLt2G_L-ynTGBPrPM9eM-10grFDazMYk9EJJeuFEGlvUiOaxWh9NiVTyf3205daBhQIIsqk_j6Aqd-i5LLJjLXOxhPlgAjDguaDJDr9bDmxXwh9KVAZMFZEaJZkCaZXAvXuYAtOULjBmpCeNeNcwDbIbVVQX9rC7xepk_yZP0ebOsEPOOWwR4S2Bu58k8pqmhfZys7JnlioXbs5D5CT5K28gui5lIW0H9s5yS0wARlePErj_8W5UDhGdoNdEmZkfBc81lrrAGpUphzFrsxeRsfELzscRQhWJ8USfHSdb2vIcKthBe1Ppr5bQanwTxu9YP9eVSGxzqT2erkvrnwexHWJF_hXNrNFgI1DUS7UdFdN1-80sOsrKUj8EJ7HLMdiyUhqSzmX92T9Dx-NfpHieaiG3x3G0t7-5V9DvAcWA19T7fP26pmylVikWYYwEEEiTVQsneCHKmsDIa69oS2Lzr3CDxFquWmrFUOpuYha2vuT5XoFzXdvwTo8xsXsPM9c79Cl3AFRivD3yM2GQ9vw8SxHImhiAI1EMnjLjSZv3UNIHlKDIHI7aMT48irQiGGGZ-dNpZGq8I_i_l_o8Pf9lj08Old-dKrw_kCirQcuDETXRoQ7bUYMeQtXZwaNZMOeZ0xueLTAcGEmgxSpdVNs_ggxEYnguqd0gI0kXuO-3rvGQ4J2fsIDxPoTzwkDcJupTVdcBmHwPUsvAyyx_iXAukqShqQCY292hLEH4YoLiD0NifMCrpDMFpJWW0AoHQc-MDXD6DLNLYl1jvwPVzjri_RiHis21meLh_d_UgaiCYolNVvRHaChmowBJRPDRVqSVngytOmmVD_XvBYMJ_dDhJNstMnhmMqNj0lfV3wrCwpC9g_WiQKxNuHXNCb61Bm79MMRYLMkTRqWpUFei5hbGhXLvUY68vWA8L4G_qBX7u2hqICOiDgwVkwAzfpPbJ0CMZqwE6F28lm8T7JdQHr7b_RwxlYBU8R7-2Sm_pG93FwVx2Ra1Hxdp7hD4JKkoFbQRdgStTqD9VgyzeVxJOZILSqI0m5V532rb5NK3bKE_WC_h9pP18QGh7R00LkI5r-9S5B2bs5qRw8LKv-kc1S85Kwm9Eh_nzwajmMCh_nSIagr6CMzaSQ5sG3XfdzX9ZvSHaCTfONlKmTMdaxG8UJe82x6RzTv9jOGmeneVVuh0I7CaQddwPn9LvC_pihYHjWMvR9OTNWWWQ1tjK5_ryJN3XfwXMttYwRvK5a5zIdaWwekfDkuyRxDvPVG5MzV4IkdhAJzHrgpU2fOvcMxPrm-GSYbhFzDxV3d2yzMS4vlDUiTUPUSoHao7hB7P8Qlb8lF0T-VWNeeFy4vpm8N088uaYXsH48RJWxcVP5Wbl&cid=CAQSSwBygQiDaSYHIuEPiSW1j5rGuQ4n5UB8S9HD4sn_qpIwIabi_YPzH7S0hjNXFADRh5MgObwZ5K5TdxZ49dIVWP9Bsqc6hvS5Z5r0khgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fimgsed.com%2F&ds=l&xdt=1&iif=1&cor=6640625129260489000&adk=1761367587&idt=38&cac=0&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca19c4a39e8517c43072ed49a111033ddce7e19f78107766780875686916d8cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17518
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 36B9 0
10 B 9ms
9ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?o8VyCA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 container.html Show response
7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D517 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 23:04:44 GMT
expires: Fri, 05 Jul 2024 23:04:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 91ms
91ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.12&b=2&r=imgsed.com_auto_728x90_sticky_display_bottom&sy=b542b38c-f0d4-4a0c-993b-7a9aad2e104a&ts=85&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imgsed.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=e3059217-b83a-4a72-aedf-09b9a45041ce&e=lm&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H29KBJJ16YQ2J0YTHRE5VTF3
date: Thu, 06 Jul 2023 23:04:45 GMT
cf-cache-status: HIT
age: 2452877
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "184c2b34ff0390c3de60fb1a3213ee4f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7e2b7d11b9d8371c-FRA

GET
H3 200 container.html Show response
7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 468A 6 KB
3 KB 9ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 23:04:44 GMT
expires: Fri, 05 Jul 2024 23:04:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 91ms
91ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=1.96&b=2&r=imgsed.com_auto_interstitial_desktop&sy=b542b38c-f0d4-4a0c-993b-7a9aad2e104a&ts=85&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imgsed.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=e3059217-b83a-4a72-aedf-09b9a45041ce&e=lm&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H29KBJJ16YQ2J0YTHRE5VTF3
date: Thu, 06 Jul 2023 23:04:45 GMT
cf-cache-status: HIT
age: 2452877
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "184c2b34ff0390c3de60fb1a3213ee4f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7e2b7d120a4d371c-FRA

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F84C 624 B
242 B 22ms
19ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNWKymrOrMPUxrTCynhMVLHGpb-1hdNNgsTmSoTNtx3Whgc0ZBdACj0NUzpTcIC-ExwURvNIo5dyPLbf8AzVrPZyzoGZiMpfFH14CUpIJ5dZU3J69SENvnQKRJQqNuwfu7t9gU1_pXOzz68CIZCSwn5C7mk532QFlTpvtiL5fzk9H6eg6TQ0PTkGu9ykFvugqpGNTYRC22DVTYqhUIEbYVUFVHIcUw

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 23:04:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D517 85 KB
29 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

372ee4f606f66d460727f0502b688f2049ce405679f274e8fb1ed175417479a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29790
x-xss-protection: 0
server: cafe
etag: 4661881725859498467
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 23:04:45 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D517 42 B
63 B 42ms
40ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkOHEmlHQXDwIj-LvkwgoAP81CWmuQ9zEpXfDigWN50zN2JDlJCwmBUokSHbGq3Pa6Ll-xx_AjPxYJng9OpukCCltZjj0FML3Tgq1ku9swALO2zlM

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D517 0
20 B 43ms
41ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7039855855170558464&x=1&ct=76

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame D517 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 20:54:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame D517 20 KB
8 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:19:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D517 179 KB
56 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 23:04:45 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame B6B9 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BwWK1ZotguggHyLxhpiSpXVtQ1991GEUJ9b_5X_GwNeU_fabtJekGPGm_oQ8WCoKDQHSIKJj3fNr77EYvg2XwA7HMPEXwG8I49k0aGv5GvsmXvpZzRX5jtWCvIQvbaZJt4Vu-67DIoQgOzBspmeThUuWQSq8buc7VvUKexRz604qqMNWg&cry=1&dbm_d=AKAmf-BAKuMCKvDgnTc7zagNpEdkDTsBe-XejVxQ6oDELjl8umtdFLtsXsfCp1VIy_GdoZ57DTMQU6c6vwfXNQuzpak4ZZ095SV6zvFc3sVF6RLBor7114cHB8cIG7ppFq5CB-_3L1CaEODP6mSbUWEGCvnyRbScOgRjyoJcOEg8QDJwn6pw_0ozh68AnB1WfCxPEdvPd7XCk7ZtudGFy-KoVnvbBaI4az3PZWAa--1Qbg0Y0wQ4OqvGXOhe6yZGmOyepgvMp6AxjbkFgWJAMUbw2WGaO8CzUnM6wX1czpLdS6e7N1Q20tdWEftdqn1Ea97s8UC-ymHGRVXLrlMFTcngjNdcAJLFcjf0xfJ5EOEWYrPKQ-7JlURz1UoFzB0JMNjkgO0ELIF_ZZUNgW-g3yhp6b9SjBVlC2_XOpBv8eemjCSB8xnZEXuL9WypMEb0M4qX7olS1tptu1OVEx9lRh8pkrJtvW-UlgMcB4uBEkiwPRnmexcg1HnjZLhNZ18nCUq1_Ev3Dpv4C5KOSR4SAwWLuEJn47nzlO6WG5iIBv2NEGR5F4vKSJ0Sr1gI-ih7F2NSClZ71O0yAnZnlBpVVdkuH2wGiL_qfpyCrHvuzs84GMF2mBzLWs93dkQri-IK3Ie24uLmR6JGr31WrNzeXvFCQ7b4hpdnil3DrBSReziTi1aFnXLAHLeKTgP1U7fuWsdxz9hpwuuhO0DWKhkb9jIFqxC2KEXkSQD2LLSGanptEAy_BHFMe2uR4u_LB1m-UOvUIq--8w7_kFXubXuJedmKlGD4PypVmCEJIwdl-npAEdRQ8ODBlORFaXaTfYS83qGX5LQaUpOq-Vq5_ypXEWu7lID_32iuvhMoMGDXytBSTADhIDr0xHtgOg0YbUbdNeYxEVH2A6Pl_CwQ12Kt6asCVhymrXZzcjkdmN4VF-5FYh0m0rblTq2RalVidmPiU4_FGvIFEMk1RfQ-QoM10EgGNr5XT9UCRX3iWdJ1CncbvJUjX5CLBUFk_pjgZap2sTW0Pa44-vessazH8EowsQvsNS0c4Emrn1G5p5aq0RfRTkdqyrO1UR-aZHiOTstCYplU9lzZ5Wx27DddCW6sLWKMohAaVBOFLNBe_EZxulPGwH-a-kzd_QnSUyfXVcv-R0YL7Q2-MKTBpObIln2DPVxykkl8afcFKPmLGtkKjGLExqfmg-Mah9boy6bzpR5TfnJ7j-akFD4mMkRpEcAcbX_rvR6zZCjScEFIxr6rEZV5VbB8m939sdl11X6UouiPxWPLSDxuGapHHstGV5-3P8kmEP605D6xITqLE8pRylZgpdXLV3c20ECse0cNDMdZa-4LiX0TTozXNMmggF49r0pNdFCUn856mGynaQ-J9Gfe6mtMQjoJmC3krSDFzKhZhYIbUWDd0NXDw4xI1J-qjfSnstdcOG6rt1eUd9HIgtq0mH_c5iiaXfKjqOog0LpsnfZwYQmg0MvJwHCapHLsofFs2C0lcX4CxaA08eWn4b7XGIohJy-AHKA98u6-W6CfVqyeKFV9FzdMl3Sa1VaKvqT4oR900mpI0JPWnM8o2vgDIknnfpI9DkHj8_w_oUhRZeCSVeshDLOkp6Y1Fm1pLaZoTAwW1gtFnTKwXTqsDd5M5E_wLCJ92TJNSziNZbk16jAPFg6t1t-xGQiO2z6JaxFHUIOyZTyUVd_95DqA-aM50WblZtV8k3hRqmRDc6BT6GBWgj3jna0PrQ9J2x9ej8UDb6b31lzVMUL-Gmll_PVNI0DSR2wXDvlyEHRWSWL2GGohB-qSYzbHPMK0i8JvLgLJtp-GxHIHBb-CBdYFgjsOZtLP5Bw4LKSUHo5e-cP7-K42yKwsqSC0fu_373XUp0E0K95HqBgoIbVG58ggBLd8_8_zyi_jEXZ7dlTwCvhY9dXHGhyNvbpNl-VMCpa42OqTFoStfSAVEoo1LwMps02upV6fNoIAux398FiMLn5EUI0cFx9gwuezAlIudNk9NgloDnb0566o0d4DxNGxLt2G_L-ynTGBPrPM9eM-10grFDazMYk9EJJeuFEGlvUiOaxWh9NiVTyf3205daBhQIIsqk_j6Aqd-i5LLJjLXOxhPlgAjDguaDJDr9bDmxXwh9KVAZMFZEaJZkCaZXAvXuYAtOULjBmpCeNeNcwDbIbVVQX9rC7xepk_yZP0ebOsEPOOWwR4S2Bu58k8pqmhfZys7JnlioXbs5D5CT5K28gui5lIW0H9s5yS0wARlePErj_8W5UDhGdoNdEmZkfBc81lrrAGpUphzFrsxeRsfELzscRQhWJ8USfHSdb2vIcKthBe1Ppr5bQanwTxu9YP9eVSGxzqT2erkvrnwexHWJF_hXNrNFgI1DUS7UdFdN1-80sOsrKUj8EJ7HLMdiyUhqSzmX92T9Dx-NfpHieaiG3x3G0t7-5V9DvAcWA19T7fP26pmylVikWYYwEEEiTVQsneCHKmsDIa69oS2Lzr3CDxFquWmrFUOpuYha2vuT5XoFzXdvwTo8xsXsPM9c79Cl3AFRivD3yM2GQ9vw8SxHImhiAI1EMnjLjSZv3UNIHlKDIHI7aMT48irQiGGGZ-dNpZGq8I_i_l_o8Pf9lj08Old-dKrw_kCirQcuDETXRoQ7bUYMeQtXZwaNZMOeZ0xueLTAcGEmgxSpdVNs_ggxEYnguqd0gI0kXuO-3rvGQ4J2fsIDxPoTzwkDcJupTVdcBmHwPUsvAyyx_iXAukqShqQCY292hLEH4YoLiD0NifMCrpDMFpJWW0AoHQc-MDXD6DLNLYl1jvwPVzjri_RiHis21meLh_d_UgaiCYolNVvRHaChmowBJRPDRVqSVngytOmmVD_XvBYMJ_dDhJNstMnhmMqNj0lfV3wrCwpC9g_WiQKxNuHXNCb61Bm79MMRYLMkTRqWpUFei5hbGhXLvUY68vWA8L4G_qBX7u2hqICOiDgwVkwAzfpPbJ0CMZqwE6F28lm8T7JdQHr7b_RwxlYBU8R7-2Sm_pG93FwVx2Ra1Hxdp7hD4JKkoFbQRdgStTqD9VgyzeVxJOZILSqI0m5V532rb5NK3bKE_WC_h9pP18QGh7R00LkI5r-9S5B2bs5qRw8LKv-kc1S85Kwm9Eh_nzwajmMCh_nSIagr6CMzaSQ5sG3XfdzX9ZvSHaCTfONlKmTMdaxG8UJe82x6RzTv9jOGmeneVVuh0I7CaQddwPn9LvC_pihYHjWMvR9OTNWWWQ1tjK5_ryJN3XfwXMttYwRvK5a5zIdaWwekfDkuyRxDvPVG5MzV4IkdhAJzHrgpU2fOvcMxPrm-GSYbhFzDxV3d2yzMS4vlDUiTUPUSoHao7hB7P8Qlb8lF0T-VWNeeFy4vpm8N088uaYXsH48RJWxcVP5Wbl&cid=CAQSSwBygQiDaSYHIuEPiSW1j5rGuQ4n5UB8S9HD4sn_qpIwIabi_YPzH7S0hjNXFADRh5MgObwZ5K5TdxZ49dIVWP9Bsqc6hvS5Z5r0khgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fimgsed.com%2F&ds=l&xdt=1&iif=1&cor=6640625129260489000&adk=1761367587&idt=38&cac=0&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:16:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B6B9 41 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 205930
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 13:52:35 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame B6B9 43 KB
18 KB 148ms
66ms Script
application/javascript 65.109.120.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.109.120.242 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.120.109.65.clients.your-server.de
Software: nginx /
Resource Hash: 9260c08a529a83cdb2d978e829b597e3819152723e7b686bedb4d293acc34904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Thu, 06 Jul 2023 23:04:45 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Fri, 07 Jul 2023 02:04:45 GMT

GET
DATA 200
OK truncated
/ Frame B6B9 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5ea05d84477b0638c5f18756b533ef964965e9d0b89725436bcef1354e4d880

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F84C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOf4tE27IbjH3Wl_ndNuIb4&google_cver=1

43 B
766 B

9ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOf4tE27IbjH3Wl_ndNuIb4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNWKymrOrMPUxrTCynhMVLHGpb-1hdNNgsTmSoTNtx3Whgc0ZBdACj0NUzpTcIC-ExwURvNIo5dyPLbf8AzVrPZyzoGZiMpfFH14CUpIJ5dZU3J69SENvnQKRJQqNuwfu7t9gU1_pXOzz68CIZCSwn5C7mk532QFlTpvtiL5fzk9H6eg6TQ0PTkGu9ykFvugqpGNTYRC22DVTYqhUIEbYVUFVHIcUw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 23:04:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOf4tE27IbjH3Wl_ndNuIb4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F84C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKdIjcffcAXcOwWGZoJb-QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOf4tE27IbjH3Wl_ndNuIb4&google_cver=1

43 B
766 B

12ms
12ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOf4tE27IbjH3Wl_ndNuIb4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNWKymrOrMPUxrTCynhMVLHGpb-1hdNNgsTmSoTNtx3Whgc0ZBdACj0NUzpTcIC-ExwURvNIo5dyPLbf8AzVrPZyzoGZiMpfFH14CUpIJ5dZU3J69SENvnQKRJQqNuwfu7t9gU1_pXOzz68CIZCSwn5C7mk532QFlTpvtiL5fzk9H6eg6TQ0PTkGu9ykFvugqpGNTYRC22DVTYqhUIEbYVUFVHIcUw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 23:04:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOf4tE27IbjH3Wl_ndNuIb4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F84C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMxqIcR8cvyUGWCTD_B8nkw&google_cver=1

43 B
840 B

14ms
14ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMxqIcR8cvyUGWCTD_B8nkw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNWKymrOrMPUxrTCynhMVLHGpb-1hdNNgsTmSoTNtx3Whgc0ZBdACj0NUzpTcIC-ExwURvNIo5dyPLbf8AzVrPZyzoGZiMpfFH14CUpIJ5dZU3J69SENvnQKRJQqNuwfu7t9gU1_pXOzz68CIZCSwn5C7mk532QFlTpvtiL5fzk9H6eg6TQ0PTkGu9ykFvugqpGNTYRC22DVTYqhUIEbYVUFVHIcUw

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
an-x-request-uuid: e7f71157-933c-445e-afa6-edbba1c1105e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.72; 45.141.152.72; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMxqIcR8cvyUGWCTD_B8nkw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F84C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MzQ2MTM0MDAyNjE5MDgwMQ%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MzQ2MTM0MDAyNjE5MDgwMQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
an-x-request-uuid: 52d03c17-c962-4c54-ac3f-fd7375cf4672
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MzQ2MTM0MDAyNjE5MDgwMQ%3D%3D
x-proxy-origin: 45.141.152.72; 45.141.152.72; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 468A 4 KB
745 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 22:23:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 23:04:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3246 14 KB
2 KB 28ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 22:43:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 23:04:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 3246 2 KB
892 B 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:19:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 3246 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite_fy2021.js

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:18:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:18:56 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E17E 143 B
166 B 10ms
9ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 22:11:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 3246 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 20:54:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F593 1 KB
643 B 19ms
8ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 07:36:12 GMT
etag: 48472445140208031
expires: Fri, 07 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 3246 20 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:19:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3246 0
0 20ms
6ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTEbpLsBhEO54hchIObSDzeUsCxPcA9UP9FYUr0nZ_Wg79GUmofC1J7HxmXw12vGWM2DGc7S_xas1XF_VqLlgJtCGIJoA
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3246 179 KB
56 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 23:04:45 GMT

GET
H2 200 5f03bef6f00b7a8cf9d43233a2aa7e67.js Show response
www.gstatic.com/mysidia/ Frame 3246 33 KB
14 KB 38ms
8ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5f03bef6f00b7a8cf9d43233a2aa7e67.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 10:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 19:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 10:04:54 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/ Frame 468A 20 KB
8 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8599
x-xss-protection: 0
server: cafe
etag: 12796843930313450165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:31:19 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 468A 205 B
297 B 29ms
11ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 06:46:51 GMT
x-content-type-options: nosniff
age: 145074
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Jul 2024 06:46:51 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 468A 604 B
920 B 27ms
10ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:44:19 GMT
x-content-type-options: nosniff
age: 26426
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 05 Jul 2024 15:44:19 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D517 0
20 B 44ms
42ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4969625608793&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D517 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4969625608793&version=m202306200101&ct=76&x=1&cor=7039855855170558000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D517 93 KB
38 KB 57ms
55ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgMg9N3Fbr8Zv7veEg4X3JzCL3tl0lypBnJFnkb5PoL5G1zS9r6a18gpOQYy1Ja3Iz6jpKDpHiX7b2XZCy54j9RvUKAF_Zstbz2oN2VHR0mI7NrFv4ZqOTCeI3M-9ePSl591hheA5aHRdoymo_t_5TUgNJgSyS-_4KSXy-pbmYn2xkyCk&dbm_d=AKAmf-B6ToarMpmYnjMO-3fuZ6lBQccKYkZFyZ3HWPy7J2DPVrwX3PinGm-oBRjbOEZtlVayli8jaYaCZngDY2ICT2jjejSlrWVluXTjIcRMfqjp_UimZw5RrKklFPGf8GRGqJ6WK1lHWQ7LUCTccMBBn1t-mYUr0vJkuhGosTC7_1-3RTwFKyHdx7W4s-H3h25K1eq2IGKCXeTS3GgZFF3nGziOWOvf7GQxa6T73e0FUzxQcOTZXMD3Yv6QauzOyDGw6OpbXXhEbQqXb7y9ts-JPJ0jfUopy3tl4nPOFJSK-HP-WD4ZmdAXLjw7Z0rA9EWYOHQ8Cg7GSKYZSeMpwy_s7Jf5KL3mJFLlUklIdoSot-AYFqIYHZ9E59EqN5TG2m61sJaWKIBriiVqmf24zhDqUIL-ZRhmzI3sYG4cUU7iH0U4_ps6nWSndlYa3RnNn001TGnf1V4LrxamMHnsbBH0_26KTsm2zOjH44mpS9XAkxcF05UkM152R9L72g2OopwPDEsQyT_T7k-57elBBGc6M6VSttxRxj12hSd9zsXQfTtSHhHbXroT3syrLRx-j6XIeYFd8Vtghyjpzec02pBGrZAr699hFRNW-QDAGm1HdaGfvzT0avFyB7H6gJFCh2exuhLhKOI__atOZlJYkPQ4xfT-UHrIUG37asZjomFUlZr_ZAHOgInr1obvnbZcZp7ZgaDbBnVc4Bvw5u27MtWK2aHdQrJzH1d_lKSXcL8O_od0kPgAC_Pnop0PxSkNOSPgw-gKK4Dauj4oOzJx_MsLM1XDG4PJUZnXLfllcv_0SMb3ekJJx3NX0N1SJtdlre2fIZryTIrYZlMTMmPkB45FeIk_6FjgyAAzfl03qwRj-VbYlqAq4W_fbOOL5NxYHfOVZ7NynVvMEzqFD2An3HeUz8daGuQxJuzMeTBdMEaI8N_EndYyZmlZNEnAmmNkM7QVaHAwH_jp6gIabPW8pKSuW0T4DaT0q-uVG_nuLkjQv30whcSr6kLTBxYMeByp_vjxPy1eaQAQn-BmKykItC2zDGN4i8yev2Dk8dFm16vFbPOwyr3yJRqI6cagfMq2OiDzHEhlykcYUXzgC1_CH98z2t5AEgq-eJKHg4akw3oq7NWTMLQmTNSfQTuyjpRQCZmLLfO5_bxc-I6fkyYPtoUzO2dmWG8anMxMeZPolE3pnI7TXeMIJfgPW-rVpdwiNo3dtlTcwE58fbtUHY4YYSzbtCjDbFq0gCckEYNwFRWxAktDaGuaRBmYKsTgCr0tnPC1_YhvP6QMPX22W6BgyvI9c6q6JlaOAGjD29Tex6ldsPSILlG6vgRDNRSfp8goOnzVhSNOCiRZX87Me0XrxnwWp_DXk3Tgew6Tc-sC1kZBazvJ4Y4m4r5TCSR10pRsjOYJhnMAEmnv1fmbNhC-HpgIERwhaZHUl0Pk4wA-VWi078gYyGoCuYGnONf5JnswyC08MbbfbbSHEzKc8mu8PMje1vv2uw63Zj3SXFxebn7VBpjab7b7zfgyw44S591_rn1-YNkqzZeiWUsUFsT2w5JyCRRLj4KRX38lSxB8HOVRnNO8u9obRF4VLH8HEMASJF_I4o2rZCUrMlrxIAri91QWZBXPTqUIGA8OvicBbJgkrxgL93JJ1dxSnWmUHHeVdvENX0F8cU-d-VI5OlM6MQaCWOSKGAs-l1J-vsV3s-YmsYdNNR6mZYVFjag5aUHb-socW8eNyybNBJdPiFoMhpZ1QECenBXFpojkoGuiVlEFYIC2DRLILd8d6CQZn2HAWwakeYsEVLmCWJDmOCH7r8yXtYRNy82Sgub787N5AhOCYEMyEOFIbTZuF_mmOxZ1-dDXYyo8Uokq7EMr06yE4DDZxavDNmsVQK-cq4-5TRSg7GHaz0e1wCPoJBE3J6YFaraK-Egq9jgI4Z_opu9Tkqh9YjXb6uUVHiPBxKWnN9QubN2bd1h5jYHlNm5rRBs-WZn_rsvlvZa-LFgoB-C4Xr-9jPA00uOjWkuhOnzVi6d8SdZ3RmRgSYKm5L8fah34D-sh_wBdiBw1S-CTVs0M5S6AdGB6yBJfRzJgn2QtdqkGKaUAE6A8VO6mVQ4aDyGh2FxnNcSD6pLjVZqdDh3vIEepBVNy9RcWG3j_M7PciWhVNpqrVbN6UaWYJZza9H3ktwDIEr9fbrSIvu3Ml95UoErfXCrQszW3l7Nu6FtCJqNK_aKKqDHtGCcnyhI9AGIPqs2uXVUojF7TYrCDRE-DHTIVIsyiaa7sxjx3LZD8GAA3fVA1MNwKnCei8UPoGcP1tHtbo5b_apTyQPXScdBrO-VA5W08odYe1vLyXj8vMuVRY55IQ7LlCFKrVuPyhYyfqt8VQaIxjIxD1IzM62B6RsDCy4PmUEqU-kOe22LKHa8A8bVd7K0mAUHGvhNfyTQ5_3FrC_CU0XlnUxog3f5WP7zgU6YQ9SdsCvHB1JI8BReoAFVRrwNHPePNNljNjq2ySa1kI7PXimWdHSzz-o9mgx8Yj8YgFF0ms1UVrkfO-mtZwQw3qqV03YSH6KkXHW2NsfXpo9XK81Kgte8q_HeubV4I1IxNYv28LxYXqzDTKWmQOApzyIrftTByNaecrWaQJgUZVDquvhFeZh_kU3kg1XbnWQTZ9TMddXgqOI0IHfg3fG8vL1DdaxDTVPftRUBkH8TGa1d4hJ2yy8fP6-XzTfF3IxWk3XeZ_LLqrwTN01-XeWXk_d3qk_1AZyU2m0kXXqfEMwbKR9a8trUpIYDPgYYhsfg6QhZ24GpEhJsXomBFXyVrx95k9XKPDOgKytlHKsELGxy-R4r-GS91UvKUlxZ_3sS7QvqLip4_L0NtnosaTX7nxiSOaJvHjJGoFKt97tzAm6BLk_XoO6z--bUGics-UqQrH_8dkKrwqGTxAsUhiheqcMMXCvTVRj1GnSzxKPXyeJX0nXwjLjREnjYICySkEQtnzhCH5JG1bmvdnQ1BUCTiP2NtY6BawC2STHpfG2aWWP8fFEjRIW7hc8QtJNDek8SQjkEe6XYmaRxm6hV_B3DnRAdHbgr7zbX-ZJsZ6tCwHYEFdN80LBoCwo3oPuPb8H1CpV3hpIxQLqhsVaDAY4M7ctj7DY18UqaFiRgGF5ro32xgXU_IBWNx2-32QOHryRodikjPocTJ8wHuxhfk49GYRzjd1nZVluF6yVxQqo8BT0elhCoN3GZ58LoNldrHIuryl9VB7UuuUJO4Wk39cb7al1vZ9fZyc72L7HCW0tkNQ9o1l56lkPXqu962PZpa41zlCkNcOkXQlWGF2W2hF4ycBhcdP8Z3bkhHTLf1T8HSIJk48EHz2ZR7KKfDjvQG_YLt64aSHoNEYLfFcAuhwzwENXxzvbwtjFTzho8lTTYCV2W2VzqJCqDqJ0QGnNjCXQ-FlhmyWT1WIbo3yt8mfpedZd0OQzRIVqK9Q0nfFauzvbBlaZjdkWrdknx-oCD9_iczSh-aipL-GdwD8MggalujeydJFqQ5s7IzUR_X10B9S1KrsefA6SZIU9xyrQ3WRdCjl0znBlk0Pdg9uiA18TvluJqkdVj9mXoUFqwe8nlLzSssh0Us&cid=CAQSSwBygQiDqlY_ozKs3O9fOoJ9jFO08HAt5Nazckgc4ipDK5EmIY66xSwEMfF-lEBi7qARPGeUMe94PYW2tNYDYivBlhUNKubITno5CRgB&dc_eid=31075530&dv3_ver=m202306200101&rfl=https%3A%2F%2Fimgsed.com%2F&ds=l&xdt=1&iif=1&cor=7039855855170558000&adk=2228999115&idt=41&cac=0&dtd=35

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39bb0a6e79840d56ae4d6afddf73f58322dcd089f05fcf0b32fc8d52ddd16320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38609
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.1/modules/ Frame B6B9 20 KB
7 KB 85ms
14ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.1/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9A) /
Resource Hash: 6b6e60142056a80251c1cf0fa9204219d00fb3e8d981c643e69163c29c505a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 17:15:13 GMT
server: ECS (amb/6B9A)
age: 484
etag: "6491dea1-4ef0+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7288
expires: Thu, 06 Jul 2023 23:14:45 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame 50AD 2 KB
1 KB 78ms
14ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B83) /
Resource Hash: a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989

Request headers

Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 183
cache-control: max-age=600
content-encoding: gzip
content-length: 943
content-type: text/html
date: Thu, 06 Jul 2023 23:04:45 GMT
etag: "63e39f32-744+gzip"
expires: Thu, 06 Jul 2023 23:14:45 GMT
last-modified: Wed, 08 Feb 2023 13:10:10 GMT
server: ECS (amb/6B83)
vary: Accept-Encoding
x-cache: HIT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2B70 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 27115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:32:50 GMT
expires: Fri, 05 Jul 2024 15:32:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F593
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAVImKm_uh9uIBfodB8e3Fc&google_cver=1&google_push=AaAOQGEXSiRzRlWLCmS5Nn9GQmNAhiezPj7-NV_c-H-WV34wa2SB1lYyr9s49W2WjkC6vqU-fKQigXbVk3H...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEXSiRzRlWLCmS5Nn9GQmNAhiezPj7-NV_c-H-WV34wa2SB1lYyr9s49W2WjkC6vqU-fKQigXbVk3HexF8FgvLFsSotvXRmSA&google_hm=r_Beu7sfQFuaBCO11o...

170 B
188 B

20ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEXSiRzRlWLCmS5Nn9GQmNAhiezPj7-NV_c-H-WV34wa2SB1lYyr9s49W2WjkC6vqU-fKQigXbVk3HexF8FgvLFsSotvXRmSA&google_hm=r_Beu7sfQFuaBCO11oIfFkg

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:44 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEXSiRzRlWLCmS5Nn9GQmNAhiezPj7-NV_c-H-WV34wa2SB1lYyr9s49W2WjkC6vqU-fKQigXbVk3HexF8FgvLFsSotvXRmSA&google_hm=r_Beu7sfQFuaBCO11oIfFkg
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F593
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECGrGdmrpMk8O1Daxr3auno&google_cver=1&google_push=AaAOQGEIOt1t4_si-YtYL4dyrOHGgZ_MhxQiJZeoQlD2lcDl5SNvwOMsbd7xlJCVNbPoQ3lPsnnb2SUXEZpncrQByKko...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECGrGdmrpMk8O1Daxr3auno&google_cver=1&google_push=AaAOQGEIOt1t4_si-YtYL4dyrOHGgZ_MhxQiJZeoQlD2lcDl5SNvwOMsbd7xlJCVNbPoQ3lPsnnb2SUXEZpncr...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEIOt1t4_si-YtYL4dyrOHGgZ_MhxQiJZeoQlD2lcDl5SNvwOMsbd7xlJCVNbPoQ3lPsnnb2SUXEZpncrQByKkoz-GMyChtmA&google_hm=ChO9SfcDTFypst69G4Zerg==

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEIOt1t4_si-YtYL4dyrOHGgZ_MhxQiJZeoQlD2lcDl5SNvwOMsbd7xlJCVNbPoQ3lPsnnb2SUXEZpncrQByKkoz-GMyChtmA&google_hm=ChO9SfcDTFypst69G4Zerg==

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEIOt1t4_si-YtYL4dyrOHGgZ_MhxQiJZeoQlD2lcDl5SNvwOMsbd7xlJCVNbPoQ3lPsnnb2SUXEZpncrQByKkoz-GMyChtmA&google_hm=ChO9SfcDTFypst69G4Zerg==
date: Thu, 06 Jul 2023 23:04:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F593
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP71zQw_-8mB4is-9UKyR3U&google_cver=1&google_push=AaAOQGECw6pMYKLg5v-rOr43wfDjxyLbI9JUo_-JqwuLk7RbxKtXmTqVwdEanosRNS2ZT72LnqReu56gL3c01eXwTW71ur6...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGECw6pMYKLg5v-rOr43wfDjxyLbI9JUo_-JqwuLk7RbxKtXmTqVwdEanosRNS2ZT72LnqReu56gL3c01eXwTW71ur6qD4FXfQ&google_hm=eS1YQmU0NXZaRTJwRUlM...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGECw6pMYKLg5v-rOr43wfDjxyLbI9JUo_-JqwuLk7RbxKtXmTqVwdEanosRNS2ZT72LnqReu56gL3c01eXwTW71ur6qD4FXfQ&google_hm=eS1YQmU0NXZaRTJwRUlMd21LQWw1VHIySWRHWS56a2psVn5B

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 06 Jul 2023 23:04:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGECw6pMYKLg5v-rOr43wfDjxyLbI9JUo_-JqwuLk7RbxKtXmTqVwdEanosRNS2ZT72LnqReu56gL3c01eXwTW71ur6qD4FXfQ&google_hm=eS1YQmU0NXZaRTJwRUlMd21LQWw1VHIySWRHWS56a2psVn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F593
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEcXInIVXErDMhjRYTcLFpQ&google_cver=1&google_push=AaAOQGEmnPuU8jiKgo939yf0WkfQnqZFgFUnu_j64d1tUGpPC53mtCkFAzkQPPl8pa2Wu_Yykv381yuA...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEcXInIVXErDMhjRYTcLFpQ&google_cver=1&google_push=AaAOQGEmnPuU8jiKgo939yf0WkfQnqZFgFUnu_j64d1tUGpPC53mtCkFAzkQPPl8pa2Wu_Yykv3...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM1MjI0NjY4MzQ0MDM0NDc0OA&google_push=AaAOQGEmnPuU8jiKgo939yf0WkfQnqZFgFUnu_j64d1tUGpPC53mtCkFAzkQPPl8pa2Wu_Yykv381y...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM1MjI0NjY4MzQ0MDM0NDc0OA&google_push=AaAOQGEmnPuU8jiKgo939yf0WkfQnqZFgFUnu_j64d1tUGpPC53mtCkFAzkQPPl8pa2Wu_Yykv381yuACMIBOJgG2M-VxHGLdxlf

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM1MjI0NjY4MzQ0MDM0NDc0OA&google_push=AaAOQGEmnPuU8jiKgo939yf0WkfQnqZFgFUnu_j64d1tUGpPC53mtCkFAzkQPPl8pa2Wu_Yykv381yuACMIBOJgG2M-VxHGLdxlf
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F593
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOFPi_nAU1PV0OuySfm9tJI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOFPi_nAU1PV0OuySfm9tJI&google_hm=ZKdIjcffcAXcOwWGZoJb_QAACIMAAAIB&google_nid=index&google_push=AaAOQGHwyq6sXFM7cuaZcPSvHf1qZKcYTnv72...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOFPi_nAU1PV0OuySfm9tJI&google_hm=ZKdIjcffcAXcOwWGZoJb_QAACIMAAAIB&google_nid=index&google_push=AaAOQGHwyq6sXFM7cuaZcPSvHf1qZKcYTnv72KofyNCadc8JkXJw_rMnUCrU4IiHrV4kchNRQxmZl98TminzSHqVVPIhXD8pRKJLjg

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 23:04:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOFPi_nAU1PV0OuySfm9tJI&google_hm=ZKdIjcffcAXcOwWGZoJb_QAACIMAAAIB&google_nid=index&google_push=AaAOQGHwyq6sXFM7cuaZcPSvHf1qZKcYTnv72KofyNCadc8JkXJw_rMnUCrU4IiHrV4kchNRQxmZl98TminzSHqVVPIhXD8pRKJLjg
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F593
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEILvJ8_WtyhudFy8PtQCCtU&google_cver=1&google_push=AaAOQGEpb4XWgp1akRPmodHvVAxmy4CYOsSq7-3e2kn7jswo9-6tWUBjj31NQwyCc3BDHamUr0nSZExdb1xs...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEpb4XWgp1akRPmodHvVAxmy4CYOsSq7-3e2kn7jswo9-6tWUBjj31NQwyCc3BDHamUr0nSZExdb1xsBELWfXtfpD3OycaUaQ

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEpb4XWgp1akRPmodHvVAxmy4CYOsSq7-3e2kn7jswo9-6tWUBjj31NQwyCc3BDHamUr0nSZExdb1xsBELWfXtfpD3OycaUaQ

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEpb4XWgp1akRPmodHvVAxmy4CYOsSq7-3e2kn7jswo9-6tWUBjj31NQwyCc3BDHamUr0nSZExdb1xsBELWfXtfpD3OycaUaQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F593
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESENkeOrOGyQDLuMx1ZP_GYK0&google_cver=1&google_push=AaAOQGE4A4IbzdvZjdA0aGuJe9CgDpGgzz2nQrGul7IVyl7h65cgF6ZlM-iqUEATCpKjXjppJwc3UlOB7ujZPRzMbld-ezJiP...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMxNjg2Mjg1NTQyODAxOTAwMFYxMA%3d%3d&mn_hm=MzMxNjg2Mjg1NTQyODAxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AaAOQGE4A4IbzdvZjdA0aGuJe9CgDpG...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMxNjg2Mjg1NTQyODAxOTAwMFYxMA%3d%3d&mn_hm=MzMxNjg2Mjg1NTQyODAxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AaAOQGE4A4IbzdvZjdA0aGuJe9CgDpGgzz2nQrGul7IVyl7h65cgF6ZlM-iqUEATCpKjXjppJwc3UlOB7ujZPRzMbld-ezJiPKcouQ&gdpr=&gdpr_consent=

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 23:04:45 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMxNjg2Mjg1NTQyODAxOTAwMFYxMA%3d%3d&mn_hm=MzMxNjg2Mjg1NTQyODAxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AaAOQGE4A4IbzdvZjdA0aGuJe9CgDpGgzz2nQrGul7IVyl7h65cgF6ZlM-iqUEATCpKjXjppJwc3UlOB7ujZPRzMbld-ezJiPKcouQ&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Thu, 06 Jul 2023 23:04:45 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F593 0
12 B 15ms
14ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ISDczOxhlzuOM-QRbYbjKAwprde70N9hWaUXDHEExiyuZ2xI-895ljQUBY_3ZjBUsN0kSm

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E17E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

18ms
18ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 23:04:45 GMT
expires: Thu, 06 Jul 2023 23:04:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 23:04:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame D517 172 KB
61 KB 45ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
Origin: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 14:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 14:24:45 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/ Frame D517 11 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgMg9N3Fbr8Zv7veEg4X3JzCL3tl0lypBnJFnkb5PoL5G1zS9r6a18gpOQYy1Ja3Iz6jpKDpHiX7b2XZCy54j9RvUKAF_Zstbz2oN2VHR0mI7NrFv4ZqOTCeI3M-9ePSl591hheA5aHRdoymo_t_5TUgNJgSyS-_4KSXy-pbmYn2xkyCk&dbm_d=AKAmf-B6ToarMpmYnjMO-3fuZ6lBQccKYkZFyZ3HWPy7J2DPVrwX3PinGm-oBRjbOEZtlVayli8jaYaCZngDY2ICT2jjejSlrWVluXTjIcRMfqjp_UimZw5RrKklFPGf8GRGqJ6WK1lHWQ7LUCTccMBBn1t-mYUr0vJkuhGosTC7_1-3RTwFKyHdx7W4s-H3h25K1eq2IGKCXeTS3GgZFF3nGziOWOvf7GQxa6T73e0FUzxQcOTZXMD3Yv6QauzOyDGw6OpbXXhEbQqXb7y9ts-JPJ0jfUopy3tl4nPOFJSK-HP-WD4ZmdAXLjw7Z0rA9EWYOHQ8Cg7GSKYZSeMpwy_s7Jf5KL3mJFLlUklIdoSot-AYFqIYHZ9E59EqN5TG2m61sJaWKIBriiVqmf24zhDqUIL-ZRhmzI3sYG4cUU7iH0U4_ps6nWSndlYa3RnNn001TGnf1V4LrxamMHnsbBH0_26KTsm2zOjH44mpS9XAkxcF05UkM152R9L72g2OopwPDEsQyT_T7k-57elBBGc6M6VSttxRxj12hSd9zsXQfTtSHhHbXroT3syrLRx-j6XIeYFd8Vtghyjpzec02pBGrZAr699hFRNW-QDAGm1HdaGfvzT0avFyB7H6gJFCh2exuhLhKOI__atOZlJYkPQ4xfT-UHrIUG37asZjomFUlZr_ZAHOgInr1obvnbZcZp7ZgaDbBnVc4Bvw5u27MtWK2aHdQrJzH1d_lKSXcL8O_od0kPgAC_Pnop0PxSkNOSPgw-gKK4Dauj4oOzJx_MsLM1XDG4PJUZnXLfllcv_0SMb3ekJJx3NX0N1SJtdlre2fIZryTIrYZlMTMmPkB45FeIk_6FjgyAAzfl03qwRj-VbYlqAq4W_fbOOL5NxYHfOVZ7NynVvMEzqFD2An3HeUz8daGuQxJuzMeTBdMEaI8N_EndYyZmlZNEnAmmNkM7QVaHAwH_jp6gIabPW8pKSuW0T4DaT0q-uVG_nuLkjQv30whcSr6kLTBxYMeByp_vjxPy1eaQAQn-BmKykItC2zDGN4i8yev2Dk8dFm16vFbPOwyr3yJRqI6cagfMq2OiDzHEhlykcYUXzgC1_CH98z2t5AEgq-eJKHg4akw3oq7NWTMLQmTNSfQTuyjpRQCZmLLfO5_bxc-I6fkyYPtoUzO2dmWG8anMxMeZPolE3pnI7TXeMIJfgPW-rVpdwiNo3dtlTcwE58fbtUHY4YYSzbtCjDbFq0gCckEYNwFRWxAktDaGuaRBmYKsTgCr0tnPC1_YhvP6QMPX22W6BgyvI9c6q6JlaOAGjD29Tex6ldsPSILlG6vgRDNRSfp8goOnzVhSNOCiRZX87Me0XrxnwWp_DXk3Tgew6Tc-sC1kZBazvJ4Y4m4r5TCSR10pRsjOYJhnMAEmnv1fmbNhC-HpgIERwhaZHUl0Pk4wA-VWi078gYyGoCuYGnONf5JnswyC08MbbfbbSHEzKc8mu8PMje1vv2uw63Zj3SXFxebn7VBpjab7b7zfgyw44S591_rn1-YNkqzZeiWUsUFsT2w5JyCRRLj4KRX38lSxB8HOVRnNO8u9obRF4VLH8HEMASJF_I4o2rZCUrMlrxIAri91QWZBXPTqUIGA8OvicBbJgkrxgL93JJ1dxSnWmUHHeVdvENX0F8cU-d-VI5OlM6MQaCWOSKGAs-l1J-vsV3s-YmsYdNNR6mZYVFjag5aUHb-socW8eNyybNBJdPiFoMhpZ1QECenBXFpojkoGuiVlEFYIC2DRLILd8d6CQZn2HAWwakeYsEVLmCWJDmOCH7r8yXtYRNy82Sgub787N5AhOCYEMyEOFIbTZuF_mmOxZ1-dDXYyo8Uokq7EMr06yE4DDZxavDNmsVQK-cq4-5TRSg7GHaz0e1wCPoJBE3J6YFaraK-Egq9jgI4Z_opu9Tkqh9YjXb6uUVHiPBxKWnN9QubN2bd1h5jYHlNm5rRBs-WZn_rsvlvZa-LFgoB-C4Xr-9jPA00uOjWkuhOnzVi6d8SdZ3RmRgSYKm5L8fah34D-sh_wBdiBw1S-CTVs0M5S6AdGB6yBJfRzJgn2QtdqkGKaUAE6A8VO6mVQ4aDyGh2FxnNcSD6pLjVZqdDh3vIEepBVNy9RcWG3j_M7PciWhVNpqrVbN6UaWYJZza9H3ktwDIEr9fbrSIvu3Ml95UoErfXCrQszW3l7Nu6FtCJqNK_aKKqDHtGCcnyhI9AGIPqs2uXVUojF7TYrCDRE-DHTIVIsyiaa7sxjx3LZD8GAA3fVA1MNwKnCei8UPoGcP1tHtbo5b_apTyQPXScdBrO-VA5W08odYe1vLyXj8vMuVRY55IQ7LlCFKrVuPyhYyfqt8VQaIxjIxD1IzM62B6RsDCy4PmUEqU-kOe22LKHa8A8bVd7K0mAUHGvhNfyTQ5_3FrC_CU0XlnUxog3f5WP7zgU6YQ9SdsCvHB1JI8BReoAFVRrwNHPePNNljNjq2ySa1kI7PXimWdHSzz-o9mgx8Yj8YgFF0ms1UVrkfO-mtZwQw3qqV03YSH6KkXHW2NsfXpo9XK81Kgte8q_HeubV4I1IxNYv28LxYXqzDTKWmQOApzyIrftTByNaecrWaQJgUZVDquvhFeZh_kU3kg1XbnWQTZ9TMddXgqOI0IHfg3fG8vL1DdaxDTVPftRUBkH8TGa1d4hJ2yy8fP6-XzTfF3IxWk3XeZ_LLqrwTN01-XeWXk_d3qk_1AZyU2m0kXXqfEMwbKR9a8trUpIYDPgYYhsfg6QhZ24GpEhJsXomBFXyVrx95k9XKPDOgKytlHKsELGxy-R4r-GS91UvKUlxZ_3sS7QvqLip4_L0NtnosaTX7nxiSOaJvHjJGoFKt97tzAm6BLk_XoO6z--bUGics-UqQrH_8dkKrwqGTxAsUhiheqcMMXCvTVRj1GnSzxKPXyeJX0nXwjLjREnjYICySkEQtnzhCH5JG1bmvdnQ1BUCTiP2NtY6BawC2STHpfG2aWWP8fFEjRIW7hc8QtJNDek8SQjkEe6XYmaRxm6hV_B3DnRAdHbgr7zbX-ZJsZ6tCwHYEFdN80LBoCwo3oPuPb8H1CpV3hpIxQLqhsVaDAY4M7ctj7DY18UqaFiRgGF5ro32xgXU_IBWNx2-32QOHryRodikjPocTJ8wHuxhfk49GYRzjd1nZVluF6yVxQqo8BT0elhCoN3GZ58LoNldrHIuryl9VB7UuuUJO4Wk39cb7al1vZ9fZyc72L7HCW0tkNQ9o1l56lkPXqu962PZpa41zlCkNcOkXQlWGF2W2hF4ycBhcdP8Z3bkhHTLf1T8HSIJk48EHz2ZR7KKfDjvQG_YLt64aSHoNEYLfFcAuhwzwENXxzvbwtjFTzho8lTTYCV2W2VzqJCqDqJ0QGnNjCXQ-FlhmyWT1WIbo3yt8mfpedZd0OQzRIVqK9Q0nfFauzvbBlaZjdkWrdknx-oCD9_iczSh-aipL-GdwD8MggalujeydJFqQ5s7IzUR_X10B9S1KrsefA6SZIU9xyrQ3WRdCjl0znBlk0Pdg9uiA18TvluJqkdVj9mXoUFqwe8nlLzSssh0Us&cid=CAQSSwBygQiDqlY_ozKs3O9fOoJ9jFO08HAt5Nazckgc4ipDK5EmIY66xSwEMfF-lEBi7qARPGeUMe94PYW2tNYDYivBlhUNKubITno5CRgB&dc_eid=31075530&dv3_ver=m202306200101&rfl=https%3A%2F%2Fimgsed.com%2F&ds=l&xdt=1&iif=1&cor=7039855855170558000&adk=2228999115&idt=41&cac=0&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:16:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame D517 30 KB
11 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 17:16:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D517 41 KB
13 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 205930
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 13:52:35 GMT

GET
DATA 200
OK truncated
/ Frame D517 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 513456bef48cc8df1dc923db9a476285dfb0d2ebedd032ef11220b072b305f83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B70 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 19:25:45 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 188B 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 19:25:45 GMT

GET
H2 200 tag236561 Show response
ads.revjet.com/ Frame B6B9 253 KB
37 KB 47ms
47ms Script
text/javascript 65.109.120.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236561?_plc_id=111754751&_key=048&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCknfpjEinZNr_I5-49u8Pw8m44AfFnrm0cYb51OnKEZW06c_IAhABIJWbyiFgleKQgqAHoAG5rJCLKcgBCakCZ3BdLDg-sj6oAwGqBOoBT9Bzja6xUuhl9pqajSjfTvlkKmP3HM_Gj7TV-M-TOY_CX2PtV7qc-93LjiTiKZknNt3-yZ0FabnZJLLsjyNHZKHMB-6NTiLV1ZO_-XrhRJs84WQK8kOiAXpUa3dDYtqQU8Bu8FP4Vu3aja7A6SmpeF_XplS3O3qAPn9z2Lez_ksug1lbB3sRBxaDHird_Ybk2GKL7THwn3TNpMAl0_ug95Iv7Ex6ebqgtDPjOezF2HcXvv3qXPEp1KsdIbS8Tj_CwMNC0SC7qNvShkDnh_NW14dWUzj9FUsewlfvm6QUaPkHPhq73k_gjPSwwASQz8fMswTgBAOQBgGgBk2AB7nk4OoDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE5jD_BPYEw2IFALYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiDaSYHIuEPiSW1j5rGuQ4n5UB8S9HD4sn_qpIwIabi_YPzH7S0hjNXFADRh5MgObwZ5K5TdxZ49dIVWP9Bsqc6hvS5Z5r0khgB%26sig%3DAOD64_0UtjsD_8iUKbZFfOshFNbjutTssg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-C7ho-wHZXY--hIN1O1jjt17ccVXjREZNg-UzVda8neNIVrKHMwvQ6IknzzcxO_T1ipWlpB840NpG5FE9Au6rai4u85ImrhFpyMKvhcvCPio04OeaKAEy42qkiR3iEWPiB69xgIb7ljvDz_qVKDXXpBdJD0o4w2TD5B1rbDGm4HF8icw88%26cry%3D1%26dbm_d%3DAKAmf-CINvA5kfXD14QFVe7AD5AxOEfnwmaDKqs8sEv_shNqRArzGmctjmL6sjVZNsPhpiu2KPMtEp0T5i42XCtwzBsEt8IROa3Y0qIl2Y3tEkpIkzMWPrR2pFOIEOUWJb-FbcRbP2xCdO3pGLSIWpsY56ToYxv4cPB4gR0ELiyzVzD3qv2mIIPlJa9QHiVGMmY8u4BBGLcuLO7h69Q88AwmSG_OFavxthB8zSZdxVGvVUz0DHcE5OvbHe-QVtA8Ud_xYuD-sNxO3D3_1nXuBEIJj1janUh0_5xulreMaEt2ciJE_CCffj7gp3cYpiuElA0i01UevAdLAEwuKccG0M4BmyL_f7E_6RRtM4PxrtOA0qBNcdEUTV2Lw_aFCf2drdJ6_tqzAkjGdqphJkuDIw0ukiNhRXABoSG2uAN6hZbQnRgsS-dVdjhzzWaDRHW701lQKm6dZ6OfYX1xvWEa2aAPhLWJuOlxUKPMNBdmaF-3leAvjLESFVDiZtbv-EUsXSHWDsCY4DC_PRwAiiIBnTW1VZtAvr9ordcJm4rRJulz40f4K59MO-8%26adurl%3D&dv360_cmp_id=20318507934&dv360_li_id=1013292762&dv360_crv_id=471845990&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2F7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&_js_site_ref=https%3A%2F%2Fimgsed.com%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=fb986e733340da1173d0_1688684685555&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2F7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fimgsed.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.1&_js_tstamp=1688684685566
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.109.120.242 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.120.109.65.clients.your-server.de
Software: nginx /
Resource Hash: 13ffe06060058d503d31dc4462cac2ed9d47f9175cfff0fe14906b45578398d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip51617
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2ED2 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 27115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:32:50 GMT
expires: Fri, 05 Jul 2024 15:32:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9548364509937149214/ Frame F4F0 15 KB
2 KB 32ms
17ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=57Jm1Poihh&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff067250a334697aa929240baa053c275243c0bbc1a5cf9b1e280ff2eff85aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2270
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 23:04:45 GMT
expires: Fri, 05 Jul 2024 23:04:45 GMT
last-modified: Thu, 16 Feb 2023 16:30:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D517 0
0 110ms
53ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvq1C5YCEpjtIyyLZf7Cz7f0JvZ-myaULBItV__kW6-D6OBr_kPeI8i1l_LosSE1row6eH67pXrlSg8wbfaspK_7aucUyz08-1pKVv6fFSiAlvtPaWFAyJ3BrpWAHNsaEFmHkLP5o-rrWzTjDZQ9HCFxV12pxp2uWfj4hBvPWOJxZBclZ_vSmRLUY69urp1c0kZLHZNn_XWvA2TzKPQaNJx6tdyYuqQDVMDQuoTTdEjxOYBmFBbhDO0tZbbZwgk7YYsrjH5u6W9O9n9_4X9m-lQ7PAub5r59LwSmB-KvRnPs85dgc3T9IlEcFkIVYbnqaV307pkR-htkJuAgN-8DelF9P9zs9t8A8buf2HUuN4MivaKRiyUJJX_dotRZmXhf0zqevI0wD8a2CvO4c9izocPPrLBK-ERTcQjBd77Gh4U0iHyg5sYHgeVZ7H4L6FngUXqJyAx9fv4Y0Ng7zUUJCGcZ7yFvfGbZFyrnaZ3Cl4rq_ddm2-H5aHjIAEvItbTDSdP5STAz7GIvFzE7_Mqvj4lmSOoisONudyQWlJJ4o1_yZmEesfriY84QWp0KrxBxT3zOt_hRjnu66FQk5YiIpnjw4XOfGCf_mixDOcoNNlV6FpF8FbdnCDrrz54JIyciFfWl5ZpikSGYeiGcFw7Q6N39c7CPXZfp-0X2PC33EWyq6eM6pwy_QV6rSt-1jbG2_SGlfRXM5dkPhG9ddDoBNjl3Gr0I50aKSdIJXffsXnNEKysn0DR1pfubc6Y5k0Cr40qCPHMlQb6hiSZrU2sk3KqLHIhygtgZVl_w_zh-bEWAErKT60Fz8RWgKvVzdLVooUraNX_CY9IxdNcAkD91VbmPjHd_5K8Od12zAushcN6dlxCSpVFe5aJS6kdXYc-AV5OXxjp65M-vDlp57ZsIMMJeaYP3ErdldoC2V8s9Z7E0hH5qiELmV8bGdcHTGxhjHyDhw_q49Guwd0G7GeS1ymm9nqQadGfTGL_xbHRIkuMVF-OKYyOCcZz1IxNwY7o6Z4MwZMpKD0RgRIhSMk-1OJQjeLUMVI29X4HsM4KIJS9ogMM8lg66HrpOEW3HvipOkIirp8nqM7TBEu3d8E1f7N_ox-OUn2boHUy705WkIbvdKoAR5vGRou3qysfmK8F7AicK6q0SWEOEvSRcco7q8Je1eblsd1eJ_L83hTl92MHnlrE1Di4S74kSMm5w13Poea1q-gNyz8PBrUgPKpwg9RQLJxjEwLL9UJm8ZYBZ6CKo7BPiH9vLLhdwhQtg5o2nUnMvKfPARNHzY&sai=AMfl-YSLc9pJ6wZvlM3L4lpitjNz8OXvs_1WvYD02VG0SGpueRGE1AAvFtmOP8PbhTuuu_-M99hMrPn9zFritXHMD8rl84pHFNoAbC41w7WZ_odsK9KfQpLGx7QXBzoMvTX1S9u2gTrXM8gWyM1r_sDrNgOYoAMoqDNeC0sGyDeRhxqC5YfyoDg_iXfhL7qQG29r3ziF41pp9wL_NRhV7LZuZIDxnmlMJPZkDCAkfzhJKyuprvil0Uu7EDLIucx_UImpPt_CZ1g_aQNToAmDs7y5mwrnpxe8U-1p&sig=Cg0ArKJSzKLvcx1RkfZAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=129&cbvp=1&cstd=115&cisv=r20230705.23115&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 06 Jul 2023 23:04:45 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 06 Jul 2023 23:04:45 GMT

GET
H3 200 1676550659977.css
s0.2mdn.net/sadbundle/9548364509937149214/ Frame F4F0 9 KB
2 KB 12ms
11ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=57Jm1Poihh&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232bf950740690a92eb6f4a6110a536fbe24114928c38ebe80f69aa3b2db6709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=57Jm1Poihh&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451865
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2341
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:30:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Jun 2024 17:33:40 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame F4F0 118 KB
40 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=57Jm1Poihh&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=57Jm1Poihh&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 13:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 13:52:36 GMT

GET
H3 200 1676550659977.js Show response
s0.2mdn.net/sadbundle/9548364509937149214/ Frame F4F0 20 KB
5 KB 13ms
12ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=57Jm1Poihh&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=57Jm1Poihh&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 08:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 571646
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5491
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:30:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 29 Jun 2024 08:17:19 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2ED2 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 19:25:45 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame C826 167 KB
49 KB 57ms
16ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBD) /
Resource Hash: d73c41339127fc7c07b24b52089d5aad8caf7addaaf284fc71347a86487cf49c

Request headers

Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
Origin: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 09:05:25 GMT
server: ECS (amb/6BBD)
age: 496
etag: "646b3055-29ce3+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 50436
expires: Thu, 06 Jul 2023 23:14:45 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame C826 43 B
170 B 115ms
34ms Image
image/gif 65.21.233.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=c4ff0ab8aa77dded8645568727ab69e0&__adt=8240603673329717717&__ade=1&vid=5065713957012203787
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.233.19 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.233.21.65.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 square.jpg
cdn.revjet.com/s3/csp/1680014892294/ Frame C826 866 KB
867 KB 15ms
14ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680014892294/square.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9D) /
Resource Hash: 0c95ec12dc6c2ab6093951c6b917ff6c896553f1ce59a5ed02baf1235baedc25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
x-amz-version-id: 3fPaQivslqxi3yIkxxJfWm_vcpkRhCV.
age: 2378
x-amz-request-id: E1CNZX8DR6T9HQA9
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 886632
x-amz-id-2: P3pZJaCnBnjW6NRSuRwpMuk5DynIq55ODg1uFxqP1B2af1WMh2fFK2VI9zlTJF0N+KctBHxw2Ak=
last-modified: Tue, 28 Mar 2023 14:48:27 GMT
server: ECS (amb/6B9D)
etag: "7edde919394f0ebd665a2aba0ea6ccbf"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Fri, 07 Jul 2023 00:04:45 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame C826 56 KB
15 KB 15ms
14ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9B) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 19:13:24 GMT
server: ECS (amb/6B9B)
age: 504
etag: "62717ed4-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Thu, 06 Jul 2023 23:14:45 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame C826 632 B
660 B 55ms
54ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBA) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 3392
x-amz-request-id: VFA2NX4B00G58S66
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: dIuOU/Aps7qykVr4MPdy8v3ifo+af5jLzBPx4XnpirdgtNqfYZEdVNncI8PcyuKxJMD59CAQrRU=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (amb/6BBA)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 07 Jul 2023 00:04:45 GMT

GET
H2 200 Logo-Wordmark-noShadow.svg
cdn.revjet.com/s3/csp/1679927261226/ Frame C826 7 KB
4 KB 56ms
55ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1679927261226/Logo-Wordmark-noShadow.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B83) /
Resource Hash: 27c91b042b50c145ccbe32c722d890e2e13b662302c269e1c990591348d98875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: gzip
x-amz-version-id: _LI8vXFq5W37Tvc9LZcnQweHjqGcRfe8
age: 522
x-amz-request-id: K06CMQM5C9HDSMWG
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3634
x-amz-id-2: hQCbKo4QxfzwHfCRfB1ID2skoo3oZM75NRhyaoKEKkNprneVZRYOabmbgtnzRJ4j3Rbhpil9gSY=
last-modified: Mon, 27 Mar 2023 14:27:43 GMT
server: ECS (amb/6B83)
etag: "66704ffec01c0a05020997e7776a8b76+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 07 Jul 2023 00:04:45 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame C826 7 KB
4 KB 56ms
55ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B72) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 3255
x-amz-request-id: 35RK4MD7K75ASX7V
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: O0WySg7rUto2QPpUhpmeBD9s1kCd8ITbmhZq3eUdvYCpIyWwHVx5aywsCNOncjOQt4hofXs2eTA=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (amb/6B72)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 07 Jul 2023 00:04:45 GMT

GET
H2

200

B29260104.357506718;dc_pre=CM212taY-_8CFX3huwgdt4cNGg;dc_trk_aid=548432028;dc_trk_cid=185777352;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1688684685590
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame C826
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29260104.357506718;dc_trk_aid=548432028;dc_trk_cid=185777352;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=16886846...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29260104.357506718;dc_pre=CM212taY-_8CFX3huwgdt4cNGg;dc_trk_aid=548432028;dc_trk_cid=185777352;dc_lat=;dc_rdid=;tag_for_chil...

42 B
119 B

27ms
22ms

Image
image/gif

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29260104.357506718;dc_pre=CM212taY-_8CFX3huwgdt4cNGg;dc_trk_aid=548432028;dc_trk_cid=185777352;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1688684685590

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29260104.357506718;dc_pre=CM212taY-_8CFX3huwgdt4cNGg;dc_trk_aid=548432028;dc_trk_cid=185777352;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1688684685590
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame C826 43 B
171 B 82ms
33ms Image
image/gif 65.21.233.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=c4ff0ab8aa77dded8645568727ab69e0&__adt=8240603673329717717&__ade=1&vid=5065713957012203787
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.233.19 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.233.21.65.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Jul 2023 23:04:45 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/9548364509937149214/ Frame F4F0 3 KB
1 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9548364509937149214/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 547183
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1359
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:30:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 29 Jun 2024 15:05:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306290101&jk=79791806021982&bg=!SkmlSR3NAAb90kgr3dI7ADkAdvg8Wp_m4I7-Xgk-xFCCAbqTuvJG3udjvRM_rCEyarIZlAHzopSKO9i8YcyjHgmbnbRuAUz7qY4CAAAAy1IAAAAKaAEHmQKvmZA49Bd514JHDrZ0GkavCRKkI571VfH2WI7wskH-_rl3U2Y2ZubkApCK_0YcNJ39P8L8hAbnBWOqsDSSOuCwCG2HcminBr3USLWGuw47pc9XypM8-GRCyxcCqO0GQrZE7ICerrwwk_ywJqaUwjmsPOdx9EZRGtSVGCY1uHQy6wgAjNjNIbdb2bY5eex1MqEoILXZ1KWEKo78u7F-a0DNXpEOXjCoM59tmnoHFb_XiDz9heqc1DglV7HDrx-9AwvzI-oCgkTLBBKLf_Eapm_mme2H2_IqmEdB33jEhmuunI6LXo8eQef1615cZ9KlAvTiIZi5Jso3lFTxnJYPzVVfkQ_BKvIcjqxUYV9v4H0gsK5XGjxTPLmSEwCe4rP5J7N9U5B8gWLDkuajGCFNWkJio5c-s65mSOJweIJzeWe9IgseZ6NryogCLNcan17ViA6b_3-HICCdgnVDsVr8rm4m7sOiwTfSU-B_61R3oPiW8_IaP2jGfxfN5epjm00yBnezgfvC21dCpbsUAPovMop40B299oKq8_ms1EPg94wGICxnVTqnWiDRAWKMhxo32GLlmxPHhThrUt5yHJ7rp_bDGUlUQqt2tGIqmWBrk4O0C0XO5q9f2SyAvOOLA_N5LTuPLnxyDZK0ybU0uq3s25MoUC1rP3W6VjYU7ugq1Qevzwyp-su0ifFYvAfCUp_CqkG5t_WmlslAJL3QtEpyBcpUG0zJVDe689FclTsbXshpu4AeVsfrlBqDHCBO2VM-2ZmP7j9k0MLBdd18BVoggWiQaxkURs3eP6J8pWfEB4CM0KcfjJBVMP1AIUF5goY-MkbmMkLy8uguaqOYTDUIPrswBs9ovBsz9R70Ri9GIQkCs9w9_rDm25zmv8IL8pA8NH4Re9NMGJTFqkGVG8zKJkoi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 HelveticaNowText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame C826 34 KB
34 KB 14ms
14ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B71) /
Resource Hash: 0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62

Request headers

Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
Origin: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (amb/6B71)
age: 524
etag: "631b6705-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Thu, 06 Jul 2023 23:14:45 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D517 0
0 45ms
44ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvq1C5YCEpjtIyyLZf7Cz7f0JvZ-myaULBItV__kW6-D6OBr_kPeI8i1l_LosSE1row6eH67pXrlSg8wbfaspK_7aucUyz08-1pKVv6fFSiAlvtPaWFAyJ3BrpWAHNsaEFmHkLP5o-rrWzTjDZQ9HCFxV12pxp2uWfj4hBvPWOJxZBclZ_vSmRLUY69urp1c0kZLHZNn_XWvA2TzKPQaNJx6tdyYuqQDVMDQuoTTdEjxOYBmFBbhDO0tZbbZwgk7YYsrjH5u6W9O9n9_4X9m-lQ7PAub5r59LwSmB-KvRnPs85dgc3T9IlEcFkIVYbnqaV307pkR-htkJuAgN-8DelF9P9zs9t8A8buf2HUuN4MivaKRiyUJJX_dotRZmXhf0zqevI0wD8a2CvO4c9izocPPrLBK-ERTcQjBd77Gh4U0iHyg5sYHgeVZ7H4L6FngUXqJyAx9fv4Y0Ng7zUUJCGcZ7yFvfGbZFyrnaZ3Cl4rq_ddm2-H5aHjIAEvItbTDSdP5STAz7GIvFzE7_Mqvj4lmSOoisONudyQWlJJ4o1_yZmEesfriY84QWp0KrxBxT3zOt_hRjnu66FQk5YiIpnjw4XOfGCf_mixDOcoNNlV6FpF8FbdnCDrrz54JIyciFfWl5ZpikSGYeiGcFw7Q6N39c7CPXZfp-0X2PC33EWyq6eM6pwy_QV6rSt-1jbG2_SGlfRXM5dkPhG9ddDoBNjl3Gr0I50aKSdIJXffsXnNEKysn0DR1pfubc6Y5k0Cr40qCPHMlQb6hiSZrU2sk3KqLHIhygtgZVl_w_zh-bEWAErKT60Fz8RWgKvVzdLVooUraNX_CY9IxdNcAkD91VbmPjHd_5K8Od12zAushcN6dlxCSpVFe5aJS6kdXYc-AV5OXxjp65M-vDlp57ZsIMMJeaYP3ErdldoC2V8s9Z7E0hH5qiELmV8bGdcHTGxhjHyDhw_q49Guwd0G7GeS1ymm9nqQadGfTGL_xbHRIkuMVF-OKYyOCcZz1IxNwY7o6Z4MwZMpKD0RgRIhSMk-1OJQjeLUMVI29X4HsM4KIJS9ogMM8lg66HrpOEW3HvipOkIirp8nqM7TBEu3d8E1f7N_ox-OUn2boHUy705WkIbvdKoAR5vGRou3qysfmK8F7AicK6q0SWEOEvSRcco7q8Je1eblsd1eJ_L83hTl92MHnlrE1Di4S74kSMm5w13Poea1q-gNyz8PBrUgPKpwg9RQLJxjEwLL9UJm8ZYBZ6CKo7BPiH9vLLhdwhQtg5o2nUnMvKfPARNHzY&sai=AMfl-YSLc9pJ6wZvlM3L4lpitjNz8OXvs_1WvYD02VG0SGpueRGE1AAvFtmOP8PbhTuuu_-M99hMrPn9zFritXHMD8rl84pHFNoAbC41w7WZ_odsK9KfQpLGx7QXBzoMvTX1S9u2gTrXM8gWyM1r_sDrNgOYoAMoqDNeC0sGyDeRhxqC5YfyoDg_iXfhL7qQG29r3ziF41pp9wL_NRhV7LZuZIDxnmlMJPZkDCAkfzhJKyuprvil0Uu7EDLIucx_UImpPt_CZ1g_aQNToAmDs7y5mwrnpxe8U-1p&sig=Cg0ArKJSzKLvcx1RkfZAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=401&vt=11&dtpt=272&dett=3&cstd=115&cisv=r20230705.23115&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 06 Jul 2023 23:04:45 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame F4F0 13 KB
6 KB 43ms
10ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 18:49:07 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F4F0 7 KB
6 KB 57ms
48ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cde3925b5774a762c148506007ebef418d6da2f8c404716ad81b73aae049f163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5716
x-xss-protection: 0

GET
H2 200 TiemposText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/ Frame C826 34 KB
34 KB 14ms
14ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/TiemposText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA3) /
Resource Hash: 5c59b5ebbe4ba7054841389082fb679f751ae673c1a3ae792d17d5f3ef923b4c

Request headers

Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
Origin: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:46 GMT
last-modified: Tue, 31 Jan 2023 19:46:47 GMT
server: ECS (amb/6BA3)
age: 526
etag: "63d97027-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Thu, 06 Jul 2023 23:14:46 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame C826 286 B
504 B 15ms
14ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9E) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:46 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 3256
x-amz-request-id: 35RTMWJBSFWM52QM
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: n1Jvc4G/0vXTG6lAirIpVf9sfoaahz7q9r45y3zXK4az/Ozt8zqmrG64u4tDYZcZLjiyrVKHHKY=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (amb/6B9E)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 07 Jul 2023 00:04:46 GMT

GET
H2 200 HelveticaNowText-Medium.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame C826 36 KB
36 KB 15ms
15ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Medium.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B92) /
Resource Hash: f635af967c5b9d91ef07b8f4952b15608dce0a0008a095915e579fa2b782cd2e

Request headers

Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
Origin: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:46 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (amb/6B92)
age: 522
etag: "631b6705-8e74"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 36468
expires: Thu, 06 Jul 2023 23:14:46 GMT

GET
H2 200 HelveticaNowText-Bold.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame C826 34 KB
34 KB 14ms
13ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Bold.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC6) /
Resource Hash: 8f2e0ab27b9cc767a52fe96052e61ec81db235a7d074a34a44ffe8634bf939c5

Request headers

Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
Origin: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:46 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (amb/6BC6)
age: 498
etag: "631b6705-8678"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34424
expires: Thu, 06 Jul 2023 23:14:46 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F4F0 17 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 23:04:46 GMT

GET
H2 200 696492248_uc
cdn.revjet.com/s3/csp/catalogs/prod/111523634/ Frame C826 925 KB
926 KB 21ms
19ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/catalogs/prod/111523634/696492248_uc
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA1) /
Resource Hash: a4964a83799def66a1b1ec864ab5f9867312fb316c6e49eb47f0b1e8252468eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:04:46 GMT
x-amz-version-id: 8yhwwOVpDmQvkPKcybXWBtHjO.ymzlv6
age: 2174
x-amz-request-id: 35PTKNPAZTBF68WE
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 947459
x-amz-id-2: vy1tK+spbdCiBWb+1+qXjZYU6LZe9JedhddsjViHrLODB2BFxNwljFmYHFAShegfzNTT0F9/JhA=
last-modified: Fri, 23 Jun 2023 10:48:19 GMT
server: ECS (amb/6BA1)
etag: "7ee905dfc906691477c489d679450c6b"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Fri, 07 Jul 2023 00:04:46 GMT

GET
H2 200 32a298318a3943ecb54ddc3245b7daa8.jpg
img01.ztat.net/article/spp-media-p1/6d257d7485d745ffa501a89e6b1ad03d/ Frame C826 7 KB
7 KB 54ms
8ms Image
image/webp 2600:9000:2490:2e00:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/6d257d7485d745ffa501a89e6b1ad03d/32a298318a3943ecb54ddc3245b7daa8.jpg?imwidth=350
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:2e00:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a8e4555f84bde4d9be34080cddd88280b1d82862c5fca1334a217979ce6b67d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 21:39:32 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
age: 437115
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6962
x-amz-expiration: expiry-date="Sun, 17 Sep 2023 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Thu, 08 Jun 2023 11:40:39 GMT
server: AmazonS3
etag: "e1d2ddf60485c123e5720aeade304c29"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: KHrP9NnQwlsaneYJNyn387y38nqDq08tfx5YzWweeM_PX89qcv3xPg==

GET
H2 200 6cb7400dc6414d3a932e0e0e2cb026e4.jpg
img01.ztat.net/article/spp-media-p1/a07f1f4519944f96b35cbfc02b036b04/ Frame C826 6 KB
7 KB 56ms
11ms Image
image/webp 2600:9000:2490:2e00:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/a07f1f4519944f96b35cbfc02b036b04/6cb7400dc6414d3a932e0e0e2cb026e4.jpg?imwidth=350
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:2e00:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f514abd4d925d8e5c5f75aa9f3d991166d739658d72b91280a8338f7d2c1212

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 21:39:28 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
age: 437119
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6238
x-amz-expiration: expiry-date="Mon, 02 Oct 2023 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Fri, 23 Jun 2023 13:30:39 GMT
server: AmazonS3
etag: "d77ab3ac79bf3e3d2c9b86c156687344"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: mWl3STFzGz4cb1HIsQ_OlJIsIce8FrpgsUXKFCo35Jv9uHLtjiln2g==

GET
H2 200 6b20b735c6b2480a932c4523ebdf02b6.jpg
img01.ztat.net/article/spp-media-p1/b32fa5f9da744c60a5fb4b7082924fc4/ Frame C826 7 KB
8 KB 61ms
16ms Image
image/webp 2600:9000:2490:2e00:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/b32fa5f9da744c60a5fb4b7082924fc4/6b20b735c6b2480a932c4523ebdf02b6.jpg?imwidth=350
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:2e00:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e05c27ce5c25ffec3c23f17d0bf277f042195d5ff06615b9136a06db499d6735

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 08:23:52 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
age: 916855
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 7392
x-amz-expiration: expiry-date="Mon, 18 Sep 2023 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Fri, 09 Jun 2023 14:40:12 GMT
server: AmazonS3
etag: "09a50356d171d01637827f139bae9a2e"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 4htXPESTSU1QE2gkC_chZvrQsPMukSkkqYVgyRejHPkfmae94NHv0g==

GET
H2 200 f9a908cb314f4edc8b8a524182659937.jpg
img01.ztat.net/article/spp-media-p1/7d144e0078e6440e91bfec19912e72df/ Frame C826 17 KB
17 KB 55ms
10ms Image
image/webp 2600:9000:2490:2e00:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/7d144e0078e6440e91bfec19912e72df/f9a908cb314f4edc8b8a524182659937.jpg?imwidth=350
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:2e00:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1f4aae27228b89011185acce6857276ee9470737496c472b23fbb1d7e60b234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:18:14 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
age: 625593
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17136
x-amz-expiration: expiry-date="Mon, 02 Oct 2023 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Fri, 23 Jun 2023 12:47:48 GMT
server: AmazonS3
etag: "47608a2626b615878fc5314b905ebce5"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: uGdypb-M5uJh6CrJAq9YuthtD_wu9kwbNS5UMkNC8Rb0yAtmU4DwOg==

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame F4F0 98 KB
98 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:56:38 GMT
x-content-type-options: nosniff
age: 488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 23:11:38 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame F4F0 57 KB
57 KB 11ms
11ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:50:21 GMT
x-content-type-options: nosniff
age: 865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 23:05:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B70 0
20 B 47ms
46ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJ_YwjUinZJb9AtutjuwPkMiTgA0AAAAAOAHgBAI&bg=!d3SldCDNAAb90kgr3dI7ADkAdvg8WlKWY3yGv2eKXvTeltXGCFJ85iJgpGg9Xv9Su5f8fzJcDjV7AivuzPCraWPOxyem66w8ahwCAAABplIAAAAHaAEHmQM2oMo9jCylHFEJQVGmNPaPVKeAIrP1jjDOSulcsnltMRch8LHKIVbl0YYPy9fWN7OgAT8CmFmqq8GziN8DBIsJYXC5bu2v2A3LAd9atHiLXGOw9qccV3LEVnc4cDxLMdiPji_nFdHHiTXGmKx_78CYxYb8aqj3N65Y1VXpxOJVliLeHNg_Qhkuzs3Gzx0KdogCfYAZp7ECvcb4pKIIhMK0sMiJD-ppYR0GoczwBPwma6dSpJKudAL3iMZC2h8Z-aIoQlgzO2icv4D43gCOXUngLMVoFi2j1faYCbxBRG2nIi5O0Ela26lAjkGcF73lYFolr7vwpV-nJPwWc-V53P9PjbvO0s8piX9jm0xcmfQRaNsUgxA602pturyGAxfb8lLZ4uU8cPyiGEKjT4QGDZYP-XFYs1si-BjX3yanRUiqZkboF1e8g4tvZZJ84nSsZqNokg9ob5q6DKulLpC27jXI1bIiQC8qU3_D0G1AHuC_B_UKBUxM6942eapKVSv5hJ28ljRLoktZutDtszGJXXhJldlbzp-rypJCkgKCuvAUTXFot8bEXvIAIYbWHLmJRhctME4ACMiA66_lBiaTgdsA5ul--4PHfY-nxkT_4HasY1-L91UuPD8LiZ3zSLgxWlYc-PJwoRaUJBo79WFLaCTRv3-MjtTdSuFxTgmDjVjGbGGesKywGLgGps1togCyMjktOr1qlH4OLsUf98qlDozbWdNSkeOiUMabw7HO4TRa--RvUAGD_Th5rwgiOOtZumosQvnRQRNgJBQ77PAGM5FpiEk5vqeVOXUIcVW9eejXhFOZCd-Hm0u0dnWYtWuXa3jgVD03cNnrPbTGlr8x28ZhHzMyfX2mc6GTsJklRfx22OPH8zeGQNz98Qbi02IcDCxNjgHiCXznWT-LJqMgYS0bKqP6A_glABcuGH66lSAvbPUd-dkQSvkcRNmNDAwmtztPhHQtzz9U1NoagwlqnV9WQVfo_JY3v9VKi-fEgT37L-YBq6p18og7lUnZPDYWhs5ScOPcGZ-HV7ffYvIKYiKKoVF8y5O0jy_m8Ld4feib8WuKwUsWOFwpu4o8pebaEH2YMdyJZSWJ

Requested by

Host: 7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
URL: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame A546 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 19:25:45 GMT

GET
H3 200 1456_180_q_1400x1200_anf-l-2206.png
s0.2mdn.net/4528404/ Frame F4F0 43 KB
43 KB 11ms
11ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1456_180_q_1400x1200_anf-l-2206.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16f0bf9e687ea86c51333bdbbb6e7e8b99ebe0f6d9a8649ead04d130835b9817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=57Jm1Poihh&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 08:00:01 GMT
x-content-type-options: nosniff
age: 54285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43832
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 22:03:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 08:00:01 GMT

GET
H3 200 03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
s0.2mdn.net/4528404/ Frame F4F0 23 KB
23 KB 12ms
12ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18df7c8aba90bf80744b329ed229e63d1f5e28cb3bc9a3ba5cbd7a698612c0b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=57Jm1Poihh&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:02:50 GMT
x-content-type-options: nosniff
age: 10916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23315
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 20:02:50 GMT

GET
H3 200 1456_180_q_1400x1200_anf-l-2206.png
s0.2mdn.net/4528404/ Frame F4F0 43 KB
43 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1456_180_q_1400x1200_anf-l-2206.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16f0bf9e687ea86c51333bdbbb6e7e8b99ebe0f6d9a8649ead04d130835b9817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=57Jm1Poihh&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 08:00:01 GMT
x-content-type-options: nosniff
age: 54285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43832
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 22:03:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 08:00:01 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ED2 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFm4rjUinZLDAFsyU9u8Plv-4qAsAAAAAOAHgBAI&bg=!KimlKX3NAAb90kgr3dI7ADkAdvg8Wt85V_F2JyLx6Nzkvz3XSPpWgc252toVIjGZfOGabg6taEv7_txZWPBzAu8ulZcQbrwX9fICAAABdVIAAAAIaAEHmQL6liWdonOMIpubVa-hb0TxEvSD9pkrK0MWtZIHhjENn2nkVEPqUX23SPq6zIdeKjvJjf8534Ydgho2bsG8DrsXBQjkiOnhQqVYoVgEh3yClXTkKV2DTl11I3mfV-Zb-6pYDDEmySzRHs9AcnA7h8L9Ie9ZDWX8MT5H0ZlzyR50_ZSxBIuL-tPj-k5aA1OsCsKzUhv4iP4NuPeWabbcIeK1vt3F4wZO7jXN5PMLh2Ca7ZOewUW4rY-fluhE5cq2LK0P_Q0HxrJ55JjUoq5ELsI3aiKmnSplzm58ZxYMuua02isZzmTNWzLievE6MTHI_GCmRNtt7-BS2BHtJNeWnlQ1odxzT-bMGGCnvnytN6okIhtpbSjdG7Bf07WrRwAP34k4piR__IxFK3gU4yiX-qKjsVE2dBu05V3USf6fvVbhrt_ElxWFc72SlERNyqiivc1ZbXT3NKg-ytBURDVyIG0ia_djucRf_AHW9k3WITwq52hmzXz2QHWzo28YhceBx8S63UbA4taX2dkiAcG_pYwy3OPwdweUO2JyWVgHBmSIxzdZVnBhy4RV3MuhXkLYoJEuxb5PcRQ49xEKY_VcgRKJQIHnPQ18ETXtrbl7PKBI3KDzjdQ5tvXO1y-9iFoHZkVhv_im5oamJ1dI2KHM2AqKKHhxqZYcJSnZWxmkWpwKvhSN7wcNY-JFL-glQCVnqYxbRzdIDUrPKEVGz2rurrVDrXXZ63CdXxzYFGqCIZWjQfUiuIkyVXnNhkiQmw7AO_JvFziVvcuBSC_RSndwNun5tH51dm17kV7sHwEtID7XsK_rfRfhRoyEvoB8p3BNuHgR0c0N06VRNIRD8qNMdn2a0JnVweznlEvcftozooBgdNeUkeOUSpmupB8XtveRHvALHnxnduTJ2NOZKPYhbJDyZM0_BTK0MrQSGTyF_fME_zZOcqoWOwIXptZjRXy539RX0eKiQuxiXFRukSpff8lACAnwh-j9VNRG7nlNnH_kVVjxwFddTrINRN3L

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B6B9 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLDvRIGTilncG6gkemVox10yD1_hOkNp-e4qjgkTV7E1XGtCLoRpFTnmHSDygja5IZdzMcu7GGjXPXvzemxLURl4WCbQnO26XPEAUWfxeRQeGCDTAbaktbTwFNLtFRrCwqEzNpK_lgJdx_&sai=AMfl-YSy0Kbfcx1t8q8vlEDG1hVVUI8D3ULnaUF5B_q4QDE_VndNdXcDtFQNSSeYcKfzWpxCB_adwCtKRlKesMaNbNC4IyiUELKEhIAqBwOI9sl0A_9go514XtrqEGKV559L3IYG8AU2QR6-6hW_&sig=Cg0ArKJSzKggGi6O758UEAE&cid=CAQSSwBygQiDaSYHIuEPiSW1j5rGuQ4n5UB8S9HD4sn_qpIwIabi_YPzH7S0hjNXFADRh5MgObwZ5K5TdxZ49dIVWP9Bsqc6hvS5Z5r0khgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230705&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3709393554&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688684684961&rpt=224&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D517 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuS3f5x291j4MeaDF9iMC8-vxFSi5amn47d8iXZbm8XMsVKcJnClTyCE1OzkROEUe-mmhJ9ZgRcZe3HyTl4bmX08J-7Q0gd7Gn0q2ONkTFD7WPR2MgK7mqKuwDrANKTSiA0DmqrEYVGUAug&sai=AMfl-YTujNTFOLeSWvyv-ghlyx06mbUv0IHk2NHzPRllz18zXfkqemyn7vs5KHO39LshLNU4IR6nmdZ5w0usrdR_81sTPrdx7ADExL_3hH3Cr7Y-4SCUfLBRp3VCo13BfgvW5Dob6mYNzilnR2Cz&sig=Cg0ArKJSzMVyzv9-CLkzEAE&cid=CAQSSwBygQiDqlY_ozKs3O9fOoJ9jFO08HAt5Nazckgc4ipDK5EmIY66xSwEMfF-lEBi7qARPGeUMe94PYW2tNYDYivBlhUNKubITno5CRgB&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230705&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1184291071&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688684685062&rpt=444&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D517 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4969625608793&version=m202306200101&ct=76&x=1&cor=7039855855170558000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 900
pix.revjet.com/interaction/ Frame C826 43 B
170 B 33ms
32ms Image
image/gif 65.21.233.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/900?__ads=c4ff0ab8aa77dded8645568727ab69e0&vid=5065713957012203787&__adt=8240603673329717717&__ade=1&latent=0&vis_type=8&__stamp=1688684687042
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.233.19 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.233.21.65.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Jul 2023 23:04:47 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B6B9 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2674161370103&version=m202301230201&ct=77&x=1&cor=6640625129260489000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
s0.2mdn.net/4528404/ Frame F4F0 23 KB
23 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18df7c8aba90bf80744b329ed229e63d1f5e28cb3bc9a3ba5cbd7a698612c0b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=57Jm1Poihh&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:02:50 GMT
x-content-type-options: nosniff
age: 10919
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23315
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 20:02:50 GMT

GET
H2 200 dc_oe=ChMI8Lq81pj7_wIVTIr9Bx2WPw61EAAYACC03uxKQhMIotaX1pj7_wIVQ-67CB1B-gZC;stragg=1;&timestamp=1688684689173;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame D517 42 B
402 B 74ms
42ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8Lq81pj7_wIVTIr9Bx2WPw61EAAYACC03uxKQhMIotaX1pj7_wIVQ-67CB1B-gZC;stragg=1;&timestamp=1688684689173;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GC2VPDBYKB&gtm=45je3750&_p=1486102449&cid=46655867.1688684684&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1688684684&sct=1&seg=0&dl=https%3A%2F%2Fimgsed.com%2F&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20imgsed.com&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 23:04:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imgsed.com/	1970-01-20 22:40:44	Name: _ga Value: GA1.1.46655867.1688684684
.imgsed.com/	1970-01-20 22:40:44	Name: _ga_GC2VPDBYKB Value: GS1.1.1688684684.1.0.1688684684.0.0.0
live.demand.supply/	1970-01-20 22:40:44	Name: demandSupplyTi Value: e3059217-b83a-4a72-aedf-09b9a45041ce
.demand.supply/	1970-01-20 13:04:46	Name: __cf_bm Value: HcFos8YADO4LvFx.H_Cb4HahQKy1y86JtUaVRUemRGA-1688684684-0-AQKFpmL0ct1xHdLIVqQQyHdIbvBVSOgOhsUdKvojOa/3RV8gSpCYruURVzZFttKN8k6tTWgcZhx2DIJQcuP/+M8=
.criteo.com/	1970-01-20 22:26:20	Name: uid Value: 10411110-cea9-4820-bb4b-5e5b94bf31b3
.imgsed.com/	1970-01-20 22:26:20	Name: cto_bundle Value: DuIlNF9tcnFRenZqWlZCVlI3ZE1Zck5TVFRIcUFXZjdPNWpzbE8xb1RSWUZIN2IzeUFBRUo1OEpJcm9MTjE3dFBybFZUOHVvVURnR25hUkZmb2d2R01OVDBBeUgxNzl6T2V4WGxNVlAlMkJPbE14V2dNUWNleSUyRk1SZzRrU203WGpNNElBT2x3TGxmM2pndXNSMzE3dnBwRXpVVkNRJTNEJTNE
.adnxs.com/	1970-01-20 15:14:20	Name: uuid2 Value: 5663461340026190801
.imgsed.com/	1970-01-20 22:26:20	Name: __gads Value: ID=56a35990df0f0989:T=1688684684:RT=1688684684:S=ALNI_MY9UQ-c8t-vnLYDT2GguRQ6fKFyVQ
.imgsed.com/	1970-01-20 22:26:20	Name: __gpi Value: UID=00000c3868ecf35c:T=1688684684:RT=1688684684:S=ALNI_Mbej_wga0gqn64k9iifVNB95hRaqw
.casalemedia.com/	1970-01-20 15:14:20	Name: CMPS Value: 2179
.casalemedia.com/	1970-01-20 15:14:20	Name: CMPRO Value: 2179
.casalemedia.com/	1970-01-20 21:50:20	Name: CMID Value: ZKdIjcffcAXcOwWGZoJb-QAA
.doubleclick.net/	1970-01-20 22:26:20	Name: IDE Value: AHWqTUlivR72CfUztVP1Gx4IZoOFHO1sKPB11eXjcv2-a0Uf8sTMkEsrr0YAFzHkMww
.adnxs.com/	1970-01-20 15:14:20	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$QiF9H4!]tbPl1M>e)ZlrFUfJ+tGXxo]:E7D:SDA4rE_3xhJ/6O'TA<k%aRt['aTY%bpRzqF1`b_(d)xiqC
.ctnsnet.com/	1970-01-20 21:50:20	Name: gid_CAESEAVImKm_uh9uIBfodB8e3Fc Value: 1
.ctnsnet.com/	1970-01-20 21:50:20	Name: cid_aff05ebbbb1f405b9a0423b5d6821f16 Value: 1
.doubleclick.net/	1970-01-20 13:04:48	Name: DSID Value: NO_DATA
.media.net/	1970-01-20 21:50:20	Name: visitor-id Value: 3316862855428019000V10
.media.net/	1970-01-20 13:24:54	Name: data-g Value: CAESENkeOrOGyQDLuMx1ZP_GYK0~~3
.adform.net/	1970-01-20 13:49:23	Name: C Value: 1
.yahoo.com/	1970-01-20 21:50:42	Name: A3 Value: d=AQABBI1Ip2QCEBD-NHQZDyBeInQl373WpCMFEgEBAQGaqGSxZAAAAAAA_eMAAA&S=AQAAAqnnEwTAWL5pvz3J5xyrRY8
.bidswitch.net/	1970-01-20 21:50:20	Name: tuuid Value: 0a13bd49-f703-4c5c-a9b2-debd1b865eae
.bidswitch.net/	1970-01-20 21:50:20	Name: c Value: 1688684685
.bidswitch.net/	1970-01-20 21:50:20	Name: tuuid_lu Value: 1688684685
.adform.net/	1970-01-20 14:31:08	Name: uid Value: 6352246683440344748
.bidswitch.net/	1970-01-20 13:04:44	Name: google_push Value: AaAOQGEIOt1t4_si-YtYL4dyrOHGgZ_MhxQiJZeoQlD2lcDl5SNvwOMsbd7xlJCVNbPoQ3lPsnnb2SUXEZpncrQByKkoz-GMyChtmA
.revjet.com/	1970-01-20 22:40:44	Name: trx Value: 5065713957012203787
.revjet.com/	1970-01-20 13:06:11	Name: ads Value: c4ff0ab8aa77dded8645568727ab69e0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7e95ab4b3ca62f288d02c146ae613856.safeframe.googlesyndication.com
ad.doubleclick.net
ade.googlesyndication.com
ads.revjet.com
adservice.google.com
ajax.googleapis.com
bcp.crwdcntrl.net
c1.adform.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.revjet.com
cm.g.doubleclick.net
cs.media.net
dsum-sec.casalemedia.com
esp.rtbhouse.com
fonts.googleapis.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
img01.ztat.net
imgsed.com
invstatic101.creativecdn.com
live.demand.supply
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pix.revjet.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
s0.2mdn.net
s1.imgsed.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.185.162
142.250.186.162
142.250.186.70
162.19.138.119
172.217.23.98
178.250.7.13
185.80.39.216
192.229.233.6
2.18.160.23
2001:4860:4802:34::36
2600:9000:2250:2600:a:e047:753:be1
2600:9000:2490:2e00:15:157b:ff80:93a1
2606:4700:10::6816:3556
2606:4700:20::681a:a84
2606:4700:20::ac43:4970
2606:4700::6810:8616
2a00:1450:4001:812::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:2638:3::c
2a02:2638:d::2
2a04:4e42::485
2a05:d018:d29:3605:d35e:e8d:e3dd:83f
34.96.70.87
35.186.193.173
35.190.39.111
37.157.6.233
37.252.173.215
51.38.120.206
54.171.151.8
54.93.206.198
65.109.120.242
65.21.233.19
65.9.66.97
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
0ad7a6ebc65f50be550d91641cfe15b7254b9104f1249d563f46b86239f8e7cd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62
0c95ec12dc6c2ab6093951c6b917ff6c896553f1ce59a5ed02baf1235baedc25
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0f68674f67bdaf992f031056f35548b0396c08515bf72a664ff3338a5047188c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13ffe06060058d503d31dc4462cac2ed9d47f9175cfff0fe14906b45578398d0
16f0bf9e687ea86c51333bdbbb6e7e8b99ebe0f6d9a8649ead04d130835b9817
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18df7c8aba90bf80744b329ed229e63d1f5e28cb3bc9a3ba5cbd7a698612c0b3
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1ff067250a334697aa929240baa053c275243c0bbc1a5cf9b1e280ff2eff85aa
20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8
22c15261262c5e2f2a66b8f7569c0dd504f21a19e0c7c98a5144c2278c72c666
232bf950740690a92eb6f4a6110a536fbe24114928c38ebe80f69aa3b2db6709
27c91b042b50c145ccbe32c722d890e2e13b662302c269e1c990591348d98875
2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2ff56958f06c99fce8ff7005a2b3d21df6e79c9cf094602c51d602cfe3c861cf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3327bbcd4f16454be530a83515a35aaa91cd8efd001ca4b77194eff3ba84fc53
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
372ee4f606f66d460727f0502b688f2049ce405679f274e8fb1ed175417479a4
39bb0a6e79840d56ae4d6afddf73f58322dcd089f05fcf0b32fc8d52ddd16320
3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3cc0b563084ab3f3f982828651c83e32b01aacaeecca60f0edffbf4e29905218
3cc62913b878e5cbea95cd367b985c05b1855cf420761a02ced5ad1cc3519436
3f514abd4d925d8e5c5f75aa9f3d991166d739658d72b91280a8338f7d2c1212
407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717
408afa58b93f8281d0c4cb354143741cd05c472bc22a9a66ac46c979767ca14d
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
43c42ddaed229b1caa0741ddec7f4c9c01290181340be05b3cfd604274f61a9f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e4e373f4167005839c72e26952891eba5fbbec3250545b7ec8e73ecddef6427
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
513456bef48cc8df1dc923db9a476285dfb0d2ebedd032ef11220b072b305f83
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5a8e4555f84bde4d9be34080cddd88280b1d82862c5fca1334a217979ce6b67d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c59b5ebbe4ba7054841389082fb679f751ae673c1a3ae792d17d5f3ef923b4c
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
6b6e60142056a80251c1cf0fa9204219d00fb3e8d981c643e69163c29c505a22
6bbcef4b5fa793a318f191a371b18449227add2dfee0fa770d7be911149cc408
6ec023bb271d17a1b5874a5b61b49df8c826120c5a9615e93f459de02467f0f2
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
711f0ff955b5c099eeacbdcf9196f85a99ca98ea4508d7dc90862426de86fb27
7e3cc0306c5e291e93725cb4ff8c0ce369b3b31cb6f21975fd390c202de05b55
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
86943d8d1bb51d5d23e6b00f8c2343a6d92ae1a1b644595526d6f22da666f84f
8f2e0ab27b9cc767a52fe96052e61ec81db235a7d074a34a44ffe8634bf939c5
8f677559c133d513477065c1a57e330133c78de2ab3764bee9fbcff66cf4003b
9260c08a529a83cdb2d978e829b597e3819152723e7b686bedb4d293acc34904
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a043fd2fb8be3f7496f2ca5258f6504d79437023826467ee73257cad79a3e9d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4964a83799def66a1b1ec864ab5f9867312fb316c6e49eb47f0b1e8252468eb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5d5578e874a7a47d7a76e7293f2186225aba110c6ba7e33f2f9abad23c1f12e
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c1f4aae27228b89011185acce6857276ee9470737496c472b23fbb1d7e60b234
c31c654dfc6b26904c0c9c4c4f624283f699e0db6d4fdaa5cde0d74b29c034e1
c9998e14fdc96c5fa06da51ff7ffad6b49277b9042a8eccfb729df6fe16d22d2
ca19c4a39e8517c43072ed49a111033ddce7e19f78107766780875686916d8cb
cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475
cde3925b5774a762c148506007ebef418d6da2f8c404716ad81b73aae049f163
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d5ea05d84477b0638c5f18756b533ef964965e9d0b89725436bcef1354e4d880
d73c41339127fc7c07b24b52089d5aad8caf7addaaf284fc71347a86487cf49c
e05c27ce5c25ffec3c23f17d0bf277f042195d5ff06615b9136a06db499d6735
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f635af967c5b9d91ef07b8f4952b15608dce0a0008a095915e579fa2b782cd2e
fc5e802de0e2a4aaef62bbdd4afad1afd8f0f31e03d273f00e20af23e548f566

imgsed.com Open in urlscan Pro 2606:4700:20::681a:a84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

166 Requests

90 %HTTPS

53 %IPv6

29 Domains

45 Subdomains

37 IPs

7 Countries

3486 kBTransfer

5943 kBSize

28 Cookies

1 Outgoing links

Page URL History

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

imgsed.com Open in urlscan Pro
2606:4700:20::681a:a84 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

90 %
HTTPS

53 %
IPv6

29
Domains

45
Subdomains

37
IPs

7
Countries

3486 kB
Transfer

5943 kB
Size

28
Cookies

166 HTTP transactions
4 data transactions