imgsed.com Open in urlscan Pro
2606:4700:20::ac43:4970 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://imginn.org/kurlss.c/
Effective URL:
https://imgsed.com/kurlss.c/
Submission: On September 22 via manual (September 22nd 2023, 6:22:49 pm UTC) from US — Scanned from DE

Summary HTTP 93 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 18 domains to perform 93 HTTP transactions. The main IP is 2606:4700:20::ac43:4970, located in United States and belongs to CLOUDFLARENET, US. The main domain is imgsed.com. The Cisco Umbrella rank of the primary domain is 351587.
TLS certificate: Issued by GTS CA 1P5 on August 5th 2023. Valid for: 3 months.

This is the only time imgsed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:1c2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:20:... 2606:4700:20::ac43:4970	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:a200:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.155.129.21 18.155.129.21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	99.80.190.120 99.80.190.120	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
93	24

1 2606:4700:3037::6815:1c2c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

imginn.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4970 (United States)

ASN13335 (CLOUDFLARENET, US)

imgsed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1.imgsed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v.imgsed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d9.imgsed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:a200:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-21.cdg52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4b715e61a52b13fce2659ffd514b9fa9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (United States)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.190.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-190-120.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com 4b715e61a52b13fce2659ffd514b9fa9.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169 pagead2.googlesyndication.com — Cisco Umbrella Rank: 122	160 KB
21	demand.supply live.demand.supply — Cisco Umbrella Rank: 42647 api.demand.supply — Cisco Umbrella Rank: 75133	41 KB
12	imgsed.com imgsed.com — Cisco Umbrella Rank: 351587 s1.imgsed.com — Cisco Umbrella Rank: 773686 v.imgsed.com — Cisco Umbrella Rank: 673537 d9.imgsed.com — Cisco Umbrella Rank: 683528	662 KB
11	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	200 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 331	219 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 11	814 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 640 mug.criteo.com — Cisco Umbrella Rank: 1822	7 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1223 id5-sync.com — Cisco Umbrella Rank: 687	31 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1393 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398	12 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	1 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2880	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 897	14 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2724	3 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1878	250 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	91 KB
1	imginn.org 1 redirects imginn.org	446 B
93	18

	Domain	Requested by
20	live.demand.supply	imgsed.com live.demand.supply client
15	tpc.googlesyndication.com	imgsed.com securepubads.g.doubleclick.net tpc.googlesyndication.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net imgsed.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	d9.imgsed.com	imgsed.com
3	www.google.com	1 redirects imgsed.com tpc.googlesyndication.com
3	s1.imgsed.com	imgsed.com s1.imgsed.com
2	fonts.gstatic.com	fonts.googleapis.com
2	gum.criteo.com	1 redirects static.criteo.net
2	imgsed.com	imgsed.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net	imgsed.com
1	mug.criteo.com	imgsed.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	4b715e61a52b13fce2659ffd514b9fa9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	api.demand.supply	live.demand.supply
1	region1.google-analytics.com	www.googletagmanager.com
1	v.imgsed.com	imgsed.com
1	www.googletagmanager.com	imgsed.com
1	imginn.org	1 redirects
93	28

This site contains links to these domains. Also see Links.

Domain
scontent-atl3-2.cdninstagram.com
sulvo.com

Subject Issuer	Validity	Valid
imgsed.com GTS CA 1P5	`2023-08-05` - `2023-11-03`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://imgsed.com/kurlss.c/
Frame ID: D2E52E2C1B2D578C3DA7E7CEB91809F1
Requests: 56 HTTP requests in this frame

Frame: https://4b715e61a52b13fce2659ffd514b9fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4411A4A8B41F5335AC35C7E0AB534875
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=imgsed.com
Frame ID: 72A50871A65D722F65201C2542E5C37E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022308011702000/amp4ads-v0.mjs
Frame ID: BA52CD730D8221487A94C4752E09A897
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022308011702000/amp4ads-v0.mjs
Frame ID: 27C4D53926A1F3CF209C0EB9C861170E
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 49F9197276E490FBFEE45C9DD4254CD3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 14EE5FFFDA5F7F7B261B48CB0B8C03FB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

crystal🕷️✨☠️💋🕸️ (@kurlss.c) download instagram stories highlights, photos, videos - imgsed.com

Page URL History Show full URLs

https://imginn.org/kurlss.c/ HTTP 301
https://imgsed.com/kurlss.c/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

93
Requests

98 %
HTTPS

79 %
IPv6

18
Domains

28
Subdomains

24
IPs

4
Countries

1474 kB
Transfer

2971 kB
Size

10
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/379992775_656662192893107_1025656080873089910_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=111&_nc_ohc=KMoo2BJDfqcAX_MGyll&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE5NTUxODQ3OTk2NzIwMDc1NQ%3D%3D.2-ccb7-5&oh=00_AfBUob4vbOz4ujA9HhPV5YOnzZVGcr2IBG1Hz8bYOPG_0g&oe=6513632F&_nc_sid=8b3546&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/378052524_1798330160599725_6133557622335341829_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=109&_nc_ohc=FC0t5xARFbAAX-OYd1v&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE5MTk4Mjc5MjY0NDIxNjc2NA%3D%3D.2-ccb7-5&oh=00_AfAFrZnjqt4yYsY-ckEbxaezZzzaNtavujKHOh6dfeukhA&oe=6512A444&_nc_sid=8b3546&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/376269718_985302062771576_8460246241902916479_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=108&_nc_ohc=qHGR8UljtBoAX-3Ojjx&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE4ODg5NjI1OTE5OTgwOTExMg%3D%3D.2-ccb7-5&oh=00_AfD0DwLbWa4dxlLoGZHX7yGI6cIjE8Uxfl-7hFT2l6cvNg&oe=6513C097&_nc_sid=8b3546&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/374547042_678210177519666_2322152970606499406_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=106&_nc_ohc=Aktv_mdTMC4AX-LciFr&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE4NTM2MDUwNTY1MzM0MTU1Nw%3D%3D.2-ccb7-5&oh=00_AfALDKt3GLRDRoSCitGFKTjD7z4K37qS__grp_jIge_mfQ&oe=65127044&_nc_sid=8b3546&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/371749030_6685314484860284_4372813225683289729_n.jpg?stp=dst-jpg_e35_s1080x1080&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=108&_nc_ohc=LwVRU2STyZMAX-6yEP2&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE4MDQ0MTc3Mjg1ODE2MDExMQ%3D%3D.2-ccb7-5&oh=00_AfC5LQ4jAjV42OZNV6KM2nL-5wvbpoVHXhPqhQJEP4Wm6g&oe=6512A28F&_nc_sid=8b3546&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/366502140_316982654008707_416762224950449976_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=103&_nc_ohc=c-cGg1mr51sAX8dOiaA&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE2NjUyNzA3MjM0MjcxNTk4Mg%3D%3D.2-ccb7-5&oh=00_AfBBhZGO7Wyf-cifYUSnLfEE6sfGRQUZCy-L7l2Okb3leg&oe=65129A5A&_nc_sid=8b3546&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/365021151_645667220843634_5834381779982022343_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=106&_nc_ohc=RdB3BjF-JOcAX_DxIFq&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE2Mjk2MjMzNzYzNDQ2ODg1MA%3D%3D.2-ccb7-5&oh=00_AfCGaOcpfygGXRATeoSXnEV6Csptn-8gtn5eQBKukqedOQ&oe=651221DD&_nc_sid=8b3546&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/363505552_768116925052355_1813730804321833312_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=111&_nc_ohc=89zS1TePD98AX-v1vw0&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE1NzE4NDExNDMwNDgyMDg5NA%3D%3D.2-ccb7-5&oh=00_AfCIZadM2PL0ipxKn7K8RvFt6sZ5IQJRHV5hFvfmPahguA&oe=6512B01B&_nc_sid=8b3546&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/362724690_2296190810567030_2509305303178984133_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=102&_nc_ohc=9WqaSNw9O2YAX8Yyxv_&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE1NjQ2NDY4NTU1NjMyMzE5OA%3D%3D.2-ccb7-5&oh=00_AfDRUalLDb6Ps3gyyiZU5H3kpxcIXj_XDh4uL2ihO-lwJg&oe=6512B297&_nc_sid=8b3546&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/360128668_150008888105280_3237831286979092843_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=100&_nc_ohc=ZnsSdXtYDRQAX-YPMpe&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE0NjkwMjI3OTU4Njg0MTY3NA%3D%3D.2-ccb7-5&oh=00_AfD26noozMZUxnul4rFuXjx1W6SJnbBOpQN8bRuZ_vedJA&oe=651311ED&_nc_sid=8b3546&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/358793860_1822895714791587_3651100809703082994_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=103&_nc_ohc=UXGSIlJPEk4AX-WlSQQ&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE0Mzk2OTAyNzI4NzA4NTExOA%3D%3D.2-ccb7-5&oh=00_AfByRVI38FH23gN75YhlvyWWjRDk-MnbZYNwpSbOI21akw&oe=6512F072&_nc_sid=8b3546&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/355625495_1462477054292421_3380434022489764421_n.jpg?stp=dst-jpg_e35_p1080x1080&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=109&_nc_ohc=1SgteL9b8rMAX8Cjekz&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzEzMTczMjQxNjc2OTg5MzYxOQ%3D%3D.2-ccb7-5&oh=00_AfCCE-uTGe8koAaNYxbbZAqfHNh1DxGCm3UBtVcFxNONKg&oe=6512B1C9&_nc_sid=8b3546&dl=1
Title: Download

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://imgsed.com/kurlss.c/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://imginn.org/kurlss.c/ HTTP 301
https://imgsed.com/kurlss.c/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://gum.criteo.com/sid/json?origin=publishertagids&domain=imgsed.com&sn=ChromeSyncframe&so=0&topUrl=imgsed.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=LehFCHxISTE5OEpaWjduK1BHbDFFRW40YUJXZUhsTUs5aDUvUVF6VlN6MjNmdk5HMUVlTXpNZkxVSGpkaFJkV2loS01VaTl4RUtzdXlpZzJUQ1pVQm9Eek9hQVpYbTdwRGxYVnp6SmxvaDFXNUhVRy9XYzZHTEhJZi9VK2FXSHRCdFFzVk54MXFsSkR2aXQ1ZXgvYU02ZFBBUnJObzRlUnQ1MkhiRmZiVkxRRkw5Tm5UUmpPQjNkSzl6ZDdkNE1YYm95VDROSzlZNmZaRmJwTWlmMk5haXZKMnNTcmJPQURZUmRLOWlIQkZiSTQ5aUFNTk5WVnFwTjNsWGlRVGcrbkFmZzR0MmNXS0RDMzJIcG5PQ1Y0d3MzTXFkUT09fA&cppv=2

Request Chain 62

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

93 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
imgsed.com/kurlss.c/
Redirect Chain

https://imginn.org/kurlss.c/
https://imgsed.com/kurlss.c/

24 KB
5 KB

1763ms
1688ms

Document
text/html

2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgsed.com/kurlss.c/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a7c3f7a6c1706f9336198d7eedf6c2acf45709778a20a6ee57fb1457b02b93f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=10800, immutable
cf-cache-status: EXPIRED
cf-ray: 80ac931ddf7d9064-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 22 Sep 2023 18:22:41 GMT
last-modified: Fri, 22 Sep 2023 11:22:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzHMJ0%2BDuoGquq69s12pcH6QC6qPTy8UiOE35p%2BstKZNtpFifm%2FBlAQT%2Bpl3JELDZyokHCTLAgYTT6sjvKLkjwZr9YguYIqmc%2FoCnUWNYpA1KtHTytdIM7%2F95VWyqzYHcD6UwpDRj9s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache-status: MISS

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 80ac931d1bf739e6-FRA
date: Fri, 22 Sep 2023 18:22:40 GMT
expires: Fri, 22 Sep 2023 19:22:40 GMT
location: https://imgsed.com/kurlss.c/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=069l%2BcbdQ9fRFMBtLKf1oHXyBqBZ%2F5ccXsJidfbsdf1H1nQC4VNr18yVX0uC5U92obWufzuAEt7GTon3d%2FeNv5RLTjuq0xU4SkS1SBdQx9%2FeTB2xY9w1MGHr2QXPbcHv4TkC59%2FJ8Ygv"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 329ms
124ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3883e9c612b6e0dceaf72214920d1ad495567e076f1c10699da044a52896bde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01HAAPFKXS6C0TWVX10X7HF12W
date: Fri, 22 Sep 2023 18:22:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 714
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"6eaa5f6c66d357f2e362fb93e5e9eaf5-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 80ac9329bc5f35ed-FRA
link: <https://live.demand.supply/impl.v17.15.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/aW1nc2VkLmNvbS8=>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 art.css
s1.imgsed.com/css/ 36 KB
7 KB 41ms
30ms Stylesheet
text/css 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.imgsed.com/css/art.css?v65
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcee99a98a72212441b7740bd71c6585a33232466f36c9ff5f54431895e72143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Sep 2023 07:41:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1360849
etag: W/"64f438b2-9081"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2Te7uGZpNZC50d5yH8nj1LgkW4J5O%2Fk1GxaTcgHPKw4uONLPfdLatjZ5TCY8TYETydnWJuHr%2FlvWt%2Bb0Zep%2BDm469bQax2m%2B4vnK7O90Z7REP%2FFWfYeAKIF5XttNQem%2FIbGBBcNDqm0vm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 80ac93288b299064-FRA
expires: Sat, 07 Oct 2023 00:18:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
91 KB 100ms
29ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB

Requested by

Host: imgsed.com
URL: https://imgsed.com/kurlss.c/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

67ca9e6ce320adc1f918def80bfffd966c351c9c4e688f733c163ab5cc786385

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92596
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Sep 2023 18:22:42 GMT

GET
H2 200 372243416_608977591389997_8754786747093609877_n.jpg
v.imgsed.com/ 4 KB
5 KB 240ms
212ms Image
image/jpeg 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.imgsed.com/372243416_608977591389997_8754786747093609877_n.jpg?https://scontent-atl3-2.cdninstagram.com/v/t51.2885-19/372243416_608977591389997_8754786747093609877_n.jpg?stp=dst-jpg_s150x150&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=101&_nc_ohc=Q0WF6lMY_R8AX-ihcRa&edm=AOQ1c0wBAAAA&ccb=7-5&oh=00_AfAY0G17nnfI4TV5Lrtgo2FaspyfHb68c_eITCWZKhOV7w&oe=651283A1&_nc_sid=8b3546
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aa23f97006a3cf3f42f767fc53f6c89552401110d2585ea1210c05d5f47b405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
content-digest: adler32=2897848938
thrift_fmhk: GBB/KHwL1p0cDLb8pH2xskWSFeq3uckLAA==
cross-origin-resource-policy: same-site
content-length: 4600
last-modified: Thu, 31 Aug 2023 18:46:55 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6goE%2FKgSLBQoB%2BL3KC%2BL5u8WQ7kxpqeOQx7j%2BL0f1d%2BFDQmxr7BhVfrtWLEO2dxmJlg08LtKdiW43S5c37ju78YRuYYadHDUWQ49uKCuliCegZ9cp6UBdYhzk8kgSouXLn5nBly4AMkaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1209600, immutable
accept-ranges: bytes
cf-ray: 80ac932a2cd19064-FRA

GET
H2 200 lazy.jpg
imgsed.com/img/ 44 B
419 B 52ms
51ms Image
image/webp 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgsed.com/img/lazy.jpg
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c5a98f77e9516f40f64a2f722439753be20901df1986c02cae5daa8a83e2d2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/kurlss.c/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 366
cf-polished: qual=85, origFmt=jpeg, origSize=2703
content-disposition: inline; filename="lazy.webp"
content-length: 44
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Dec 2022 12:10:31 GMT
server: cloudflare
etag: "63ac3237-a8f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2B73KogVLJRoTCqh85UNXrHKBfshq2rcasXdzRSckMfgtGxhxzeaoqE1Cq1toagOErOlRT6PSbEzzvQhtxMburuL8%2FiXEfGYrM20jT0C%2BG%2F64NN46CoTt3R2Zgq25L1rrAKle%2FB2p9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 80ac932a2cc89064-FRA
expires: Sun, 22 Oct 2023 16:16:29 GMT

GET
H2 200 art.js Show response
s1.imgsed.com/js/ 7 KB
3 KB 29ms
29ms Script
application/javascript 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.imgsed.com/js/art.js?v65
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8418b3b3401e9ba6f3a17a15fd7f27d3633cda58ba129231631c07720435499

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Sep 2023 04:13:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1360849
etag: W/"64f407fe-1d4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11qHUff2PSOi4E5KqWkguz1e8ZPRqX0IZpvu5vW1iiGfVDRd7%2F44MjrSWiRrXs1DwUxVKOUIDag3fczwxvg1placzziIQKnIIbpzF1U5lbHav0Djzwq8D85%2FdqaAXRMEuiiPWYLV1gTZVsc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 80ac9328bb4f9064-FRA
expires: Sat, 07 Oct 2023 00:18:04 GMT

GET
H2 200 search.png
s1.imgsed.com/img/ 852 B
1 KB 43ms
43ms Image
image/webp 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.imgsed.com/img/search.png
Requested by: Host: s1.imgsed.com
URL: https://s1.imgsed.com/css/art.css?v65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 652eda34d195808a14296f688ea240bea5b713b232c66e5f9dbd9642f93d356f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/css/art.css?v65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1360848
cf-polished: origFmt=png, origSize=2153
content-disposition: inline; filename="search.webp"
content-length: 852
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Dec 2022 12:10:31 GMT
server: cloudflare
etag: "63ac3237-869"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuJtlYSOgTL1iePqGYdWMXTJMG8%2Fs5QnXvLi9zhJIj7pwqb%2BFKaPGYAkm6Nmt7gTURsucWZDDPegw%2B1WgwE84WcbWO7CSNv6DDEeotZ4Dtfh6p5ZmsHA3ddSHVbwEyaOwhQLHUTB511zZOg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 80ac932a2cca9064-FRA
expires: Sat, 07 Oct 2023 00:18:04 GMT

GET
H2 200 379992775_656662192893107_1025656080873089910_n.jpg
d9.imgsed.com/ 61 KB
62 KB 750ms
725ms Image
image/jpeg 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.imgsed.com/379992775_656662192893107_1025656080873089910_n.jpg?https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/379992775_656662192893107_1025656080873089910_n.jpg?stp=c0.180.1440.1440a_dst-jpg_e35_s640x640_sh0.08&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=111&_nc_ohc=KMoo2BJDfqcAX_MGyll&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE5NTUxODQ3OTk2NzIwMDc1NQ%3D%3D.2.c-ccb7-5&oh=00_AfAJ9Yzf6C-cOrTf9broFGpYNH3_tjycxnQOD-IyP-JxfA&oe=6513632F&_nc_sid=8b3546
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7975a3c1a44a4241b24c728036115c744f08075ad0cd21719a45dcbb5c295377

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: MISS
content-digest: adler32=1800120721
thrift_fmhk: GBCdxF4psTiHkvZKLzegSZtHFeq3uckLAA==
cross-origin-resource-policy: same-site
content-length: 62606
last-modified: Tue, 19 Sep 2023 20:31:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWJQ6sM5BZv65GtY80QDxKGrj%2B9SQ5TFDExttrKXHkzdNIlxC9vn5rVQ7Z%2FcWLLxwTZykqco4noJKKO%2F2I1MVbY8XTIQn76015u2kx1LytF7tVd2pp%2BcZlO%2FgUdn8Xeo7hu0hk89esefyOI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1209600, immutable
accept-ranges: bytes
cf-ray: 80ac932a7d0d9064-FRA

GET
H2 200 378052524_1798330160599725_6133557622335341829_n.jpg
d9.imgsed.com/ 59 KB
59 KB 241ms
219ms Image
image/jpeg 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.imgsed.com/378052524_1798330160599725_6133557622335341829_n.jpg?https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/378052524_1798330160599725_6133557622335341829_n.jpg?stp=c0.180.1440.1440a_dst-jpg_e35_s640x640_sh0.08&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=109&_nc_ohc=FC0t5xARFbAAX-OYd1v&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE5MTk4Mjc5MjY0NDIxNjc2NA%3D%3D.2.c-ccb7-5&oh=00_AfBXiVnk6MspOq8Ot0Jvi2JbxHU4m9AAd0vP1B6RsLY67g&oe=6512A444&_nc_sid=8b3546
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30fdc11133842380e5b90e42fd82573bde43728e92200123d935573134d2fb55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
content-digest: adler32=2873070229
thrift_fmhk: GBC+YDsXn6olVBTX/LcCWXmYFeq3uckLAA==
cross-origin-resource-policy: same-site
content-length: 60366
last-modified: Thu, 14 Sep 2023 23:27:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfFkSebpdVxFRiMWbIIyHZahhYCu53LIBliQ1Zt5JiOyUyqe5PAg36ZFFEwGDI5JhjfrRxpnHfKeSPslzv%2BBcnkLJh3Qta5VWvnKz4HG6ENMsKr58MkDjXxHl8vSxkDYHP2OZJFIGOziapI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1209600, immutable
accept-ranges: bytes
cf-ray: 80ac932a7d139064-FRA

GET
H2 200 376269718_985302062771576_8460246241902916479_n.jpg
d9.imgsed.com/ 155 KB
155 KB 408ms
388ms Image
image/jpeg 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.imgsed.com/376269718_985302062771576_8460246241902916479_n.jpg?https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/376269718_985302062771576_8460246241902916479_n.jpg?stp=c0.180.1440.1440a_dst-jpg_e35_s640x640_sh0.08&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=108&_nc_ohc=qHGR8UljtBoAX-3Ojjx&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE4ODg5NjI1OTE5OTgwOTExMg%3D%3D.2.c-ccb7-5&oh=00_AfAWAlD3cDvwBuHiE9MuTIQF3RKmReN1U7kEFxzEhQJk5g&oe=6513C097&_nc_sid=8b3546
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da06ff87e7dfaf7a650fd0829aa36e696a7c7749e71f1d33409bf0831bbb1e98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
content-digest: adler32=481550556
thrift_fmhk: GBA6JIEjq0Jiktq6G1QFknUGFeq3uckLAA==
cross-origin-resource-policy: same-site
content-length: 158500
last-modified: Sun, 10 Sep 2023 17:14:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggGz9SysY8bDA8RTn5HyGGZYTvUjxG0riqDpp8GEthg6N4gancbJ95xOfzgRWT2fdA3CoDRREDLOom1%2BtgYFeQSFqcQ%2FDJ0Fc2cnJdFUaHwI8syIgzbCsPpmxwos0ZR%2FGoZWq16tvyPJySE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1209600, immutable
accept-ranges: bytes
cf-ray: 80ac932a7d0a9064-FRA

GET
H2 200 374547042_678210177519666_2322152970606499406_n.jpg
d9.imgsed.com/ 165 KB
166 KB 384ms
365ms Image
image/jpeg 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.imgsed.com/374547042_678210177519666_2322152970606499406_n.jpg?https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/374547042_678210177519666_2322152970606499406_n.jpg?stp=c0.180.1440.1440a_dst-jpg_e35_s640x640_sh0.08&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=106&_nc_ohc=Aktv_mdTMC4AX-LciFr&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE4NTM2MDUwNTY1MzM0MTU1Nw%3D%3D.2.c-ccb7-5&oh=00_AfDZMUyWTu5kJ1UrPc8Pp8i2UuCZC4jJYu8P4o7Nb52S2w&oe=65127044&_nc_sid=8b3546
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee184fee719a88cf8091674133669e2d8236acd53745d005818a3e22f9460d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
content-digest: adler32=2124389308
thrift_fmhk: GBBM0YHKFC6y23pOkhTG3SyxFeq3uckLAA==
cross-origin-resource-policy: same-site
content-length: 169337
last-modified: Tue, 05 Sep 2023 20:09:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFVdUVbiult9XmWN%2FMl2rx6VjCqM7Pj5pE2ZfwfAUsexeZFoGj%2F3Q%2FYqMFjRkMYhLyv4C3t0%2FoqjBasyNWIfHEXCU1JHGr%2FDkKGRXq9TTgtBy%2BPEBpKyv%2BtQu%2BbFrEMGx%2F40IjgsOq9HjAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1209600, immutable
accept-ranges: bytes
cf-ray: 80ac932a7d119064-FRA

GET
H2 200 371743175_210864765037646_2049148475068450382_n.jpg
d9.imgsed.com/ 44 KB
44 KB 280ms
265ms Image
image/jpeg 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.imgsed.com/371743175_210864765037646_2049148475068450382_n.jpg?https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/371743175_210864765037646_2049148475068450382_n.jpg?stp=c240.0.960.960a_dst-jpg_e35_s640x640_sh0.08&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=102&_nc_ohc=CH3zlcilEyEAX-JAgr2&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE4MDQ0MTc3Mjg1ODI2MDI2NA%3D%3D.2.c-ccb7-5&oh=00_AfABZ6BWTFvX5Hc8M5SUbzY8JBzsRhRp-XQCSGIYSPpMYw&oe=6512B6A8&_nc_sid=8b3546
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1587e1d7b6fb6ac04238ae9b1c76dba6d7ce26fb85854f046d1154d64eb5ed35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
content-digest: adler32=2567754780
thrift_fmhk: GBC2QM11kJEz/c59N0PxJeulFeq3uckLAA==
cross-origin-resource-policy: same-site
content-length: 44710
last-modified: Wed, 30 Aug 2023 01:17:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeqfWxUaWU4Dvhpe8iaaQFY53f%2FYtCfOOCm7c%2FfIfDS8joUlEoILw5yTGP74SmjNq765%2Br%2B6oHarhKs%2FtX1f%2FMVu4ue8Rbcv7raHROt%2B5ot5RtfKNe6%2FBlyIFTDfjTOzqVjTf1TPNwlKDL8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1209600, immutable
accept-ranges: bytes
cf-ray: 80ac932a7d099064-FRA

GET
H2 200 366502140_316982654008707_416762224950449976_n.jpg
d9.imgsed.com/ 153 KB
154 KB 349ms
334ms Image
image/jpeg 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.imgsed.com/366502140_316982654008707_416762224950449976_n.jpg?https://scontent-atl3-2.cdninstagram.com/v/t51.2885-15/366502140_316982654008707_416762224950449976_n.jpg?stp=c0.179.1440.1440a_dst-jpg_e35_s640x640_sh0.08&_nc_ht=scontent-atl3-2.cdninstagram.com&_nc_cat=103&_nc_ohc=c-cGg1mr51sAX8dOiaA&edm=AOQ1c0wBAAAA&ccb=7-5&ig_cache_key=MzE2NjUyNzA3MjM0MjcxNTk4Mg%3D%3D.2.c-ccb7-5&oh=00_AfChHs1q79v0e5JJTTmS2Fndk0ZvXNpoZhniSoWt6LeMWQ&oe=65129A5A&_nc_sid=8b3546
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 880f92107445b73f24619b99c4797d7623acac63152f8b772949c460ca0b4d78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
content-digest: adler32=3861587217
thrift_fmhk: GBC8znmJI8PoJ8+jVlFxbQ19Feq3uckLAA==
cross-origin-resource-policy: same-site
content-length: 156744
last-modified: Thu, 10 Aug 2023 20:30:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ht6x%2Bbk2jggIHnyIZMf85ed3dWt%2FM1psleULHk%2BQaQPsFZqeqfah9rSaf18fg8Fd3PXZTsntwjjfWweirNueWGcDkuDv0RB4F09rYj1lzXSIEPRRa36XItJRiCzOqRBBVdHvqLvTiLrAztc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1209600, immutable
accept-ranges: bytes
cf-ray: 80ac932a7d0e9064-FRA

GET
H2 200 impl.v17.15.0.js Show response
live.demand.supply/ 82 KB
27 KB 37ms
34ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.15.0.js
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30ea956b12ae502e529c24365e9422d2428b75595511de013abc64d79eb510e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01HAANKZ94E4GT7BEZGRJJD566
date: Fri, 22 Sep 2023 18:22:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 684144
cf-polished: origSize=84620
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"c4c243e9ca1d0f0ac14511caf420b080-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 80ac932a8d8f35ed-FRA

GET
H2 200 aW1nc2VkLmNvbS8= Show response
live.demand.supply/p4/v17-10-0/ 2 KB
815 B 79ms
78ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/aW1nc2VkLmNvbS8=
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20debeb73bdeab45aff2c450993de34494e33033b411e02f1dcfbc8f08fa2a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 80ac932a8d9035ed-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 169ms
140ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=330&cs=c&dsReferer=aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01H9HB4JEAEMM803P34XW3M48V
date: Fri, 22 Sep 2023 18:22:42 GMT
cf-cache-status: HIT
age: 1398901
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80ac932ac9389078-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 186ms
102ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68b9837b59dcd2a3e7e6746faf2a682dafc160fa4c64450612753b3586672612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29542
x-xss-protection: 0
server: cafe
etag: 367 / 19622 / m202309190101 / config-hash: 1334419679377743303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Sep 2023 18:22:42 GMT

GET
H2 200 aW1nc2VkLmNvbS9rdXJsc3MuYy8= Show response
live.demand.supply/p4/v17-10-0/ 973 B
612 B 71ms
71ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 077c77f6fb074d290de9aae501eadd70d1fff29e241225bc0dabb6d62c3d32ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 80ac932a9d9935ed-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
625 B 78ms
54ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01H9HBAS8QJ5EE7R83WC3E3RRB
date: Fri, 22 Sep 2023 18:22:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1398571
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 80ac932ac9399078-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 imgsed.com_large_video_user Show response
live.demand.supply/cp/ 29 B
373 B 276ms
273ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/imgsed.com_large_video_user?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bd397c48a83b66aa8047f6fc0fc6c82ef65490caef31b44cbcb6fb396d5c2b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80ac932ad9649078-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H3 200 imgsed.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
373 B 160ms
158ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/imgsed.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 703d57a7249a49c3a7866473880bbde6a165bb36e46b9f1dd36b00f8f673efce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80ac932b19919078-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 87ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GC2VPDBYKB&gtm=45je39k0&_p=256585893&cid=439719755.1695406962&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695406962&sct=1&seg=0&dl=https%3A%2F%2Fimgsed.com%2Fkurlss.c%2F&dt=crystal%F0%9F%95%B7%EF%B8%8F%E2%9C%A8%E2%98%A0%EF%B8%8F%F0%9F%92%8B%F0%9F%95%B8%EF%B8%8F%20(%40kurlss.c)%20download%20instagram%20stories%20highlights%2C%20photos%2C%20videos%20-%20imgsed.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 18:22:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/ 409 KB
129 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c12c5de9ee0e73d6f0877a170e1a884ca1ea4976b98fc4b90432de5d650f0061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 10:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26861
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131893
x-xss-protection: 0
server: cafe
etag: 4805128364399664152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 21 Sep 2024 10:55:01 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
477 B 29ms
29ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_728x90_sticky_display_bottom&pdc=0.14948623180389403&ucv=null&e=tcp&dsReferer=aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01H9HB4JEAEMM803P34XW3M48V
date: Fri, 22 Sep 2023 18:22:42 GMT
cf-cache-status: HIT
age: 1398901
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80ac932c1a869078-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 180ms
180ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01H95R0W3H9SMVPKTQMTQBKKQX
date: Fri, 22 Sep 2023 18:22:42 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1680141
etag: W/"ca59855b4714df36e4972d3d4157366d-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 80ac932c19849a30-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
483 B 125ms
125ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=imgsed.com_auto_728x90_sticky_display_bottom&dsReferer=aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01H9HB4JD43MQW2HTEJ3358NRM
date: Fri, 22 Sep 2023 18:22:42 GMT
cf-cache-status: HIT
age: 1398872
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80ac932c1a889078-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 32ms
32ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_large_video_user&pdc=0.4191072821617126&ucv=null&e=tcp&dsReferer=aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01H9HB4JEAEMM803P34XW3M48V
date: Fri, 22 Sep 2023 18:22:42 GMT
cf-cache-status: HIT
age: 1398901
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80ac932cab039078-FRA

GET
H2 200 imgsed.com_large_video_user Show response
api.demand.supply/v17-10-0/a/ 366 B
705 B 468ms
141ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v17-10-0/a/imgsed.com_large_video_user?&dsReferer=aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb2a383a01dfab22b45cb5c4dc34a31aeb4e94bbc8184ff7c0763728bc8269e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:43 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 6287
etag: W/"16e-OywRS5MDdtPYvqnYdyeDE28KfHM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 80ac932eaecc1ac5-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 30ms
30ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01H9HB4JEAEMM803P34XW3M48V
date: Fri, 22 Sep 2023 18:22:42 GMT
cf-cache-status: HIT
age: 1398901
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80ac932cdb4b9078-FRA

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 239ms
20ms Script
text/javascript 2600:9000:2250:a200:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a200:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Fri, 22 Sep 2023 05:20:17 GMT
Via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 46946
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: CB-VDz-C9ozay45Vj3Q_1PsTZrnjT3ybhvVFGLnJG4Pn2jOV5S-vyQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 285ms
66ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 23 Sep 2023 18:22:42 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 250ms
32ms Script
text/javascript 18.155.129.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-21.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 07:50:11 GMT
content-encoding: gzip
via: 1.1 4a03c73f3dcfcfd37ea6a992da6dce06.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 37952
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 2iij9wXgmOITEZ7AHoO1YP_otnqKme3N4oEXdu6IjU_5R6T-nUgA0w==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 139 KB
31 KB 253ms
35ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
x-amz-request-id: MWKYM1T9JX7HPNB6
age: 3082
etag: W/"1a5f44cdb786ba83a7fa05963228f464"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 80ac932ebcb85caa-FRA
x-amz-id-2: pY6p/oR/2+42bVL00JT3+C3IDDYMcwXtdBkjms7Ftfj6yuck6lNYOYLZZtmAz8t1unTNOkNx5/Y=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 247ms
29ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 370
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2B2SiyDrBvKrCHRdBDbSOk2xR6p5RJczVGDk%2Fd%2Fw4YBkQAfJlxqZXrvaX3Ncgwx918AYzWXt4thRErrGW8r7z2YH24XMILNtTze2zuyZkwq%2BkTVo%2F9pnTXdP5GZ84Zit%2BfRnoiFqNE%2FqH%2BBuYNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 80ac932ebe7b373b-FRA

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 256ms
39ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:43 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 4fe4842f0eedf995bd8d8e4eb53b511b
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
739 B 270ms
269ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1356343793300277&correlator=174072484397093&output=ldjh&gdfp_req=1&vrg=202309190101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C5b1fcc9a-8fd7-4f9e-af23-7e840d87b75d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695406962735&lmt=1695374569&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2Fkurlss.c%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=439719755.1695406962&ga_sid=1695406963&ga_hid=256585893&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYqfCE8asxSABSAghkEhsKDGlkNS1zeW5jLmNvbRip8ITxqzFIAFICCGQSGQoKcHViY2lkLm9yZxip8ITxqzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YqfCE8asxSABSAghkEhcKCHJ0YmhvdXNlGKnwhPGrMUgAUgIIZBIZCgp1aWRhcGkuY29tGKjwhPGrMUgAUgIIZA..&dlt=1695406961976&idt=685&prev_scp=ti%3D2508c1a2-aaa7-4e9d-82c2-f41a0a338d80%26interstitials-bid%3D5%26bid-p%3Dgoogle%26bsc%3D84&adks=3557535414&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2ac855e7ca9ba3c44af3ef8d3e2887bf9063c22b973c0e051211477a18c451b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 708
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
13 KB 449ms
447ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1356343793300277&correlator=1726727584250333&output=ldjh&gdfp_req=1&vrg=202309190101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C840219cb-19cc-4356-9a61-e5772cde584b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695406962756&lmt=1695374569&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2Fkurlss.c%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=439719755.1695406962&ga_sid=1695406963&ga_hid=256585893&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYqfCE8asxSABSAghkEhsKDGlkNS1zeW5jLmNvbRip8ITxqzFIAFICCGQSGQoKcHViY2lkLm9yZxip8ITxqzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YqfCE8asxSABSAghkEhcKCHJ0YmhvdXNlGKnwhPGrMUgAUgIIZBIZCgp1aWRhcGkuY29tGKjwhPGrMUgAUgIIZA..&dlt=1695406961976&idt=685&prev_scp=ti%3D2508c1a2-aaa7-4e9d-82c2-f41a0a338d80%26chrand%3Dy%26pof%3D0%26bid%3D0.09%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D84&adks=55489845&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a919d4e42f00dcc56b180bc91b4bdc195b8e6d6787128283d17b1da9f32308d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13286
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4b715e61a52b13fce2659ffd514b9fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4411 6 KB
3 KB 116ms
29ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4b715e61a52b13fce2659ffd514b9fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Sep 2023 18:22:43 GMT
expires: Sat, 21 Sep 2024 18:22:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/ 38 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5eca9994636002c50b60b00155b79525ca5fb1efb32002d02b709d7489931f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 14:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15164
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13584
x-xss-protection: 0
server: cafe
etag: 6872410555885285624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 21 Sep 2024 14:09:58 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 34ms
33ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&e=nai&dsReferer=aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01H9HB4JEAEMM803P34XW3M48V
date: Fri, 22 Sep 2023 18:22:43 GMT
cf-cache-status: HIT
age: 1398902
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80ac932f4dc29078-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 130ms
130ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01H9HB4JEAEMM803P34XW3M48V
date: Fri, 22 Sep 2023 18:22:43 GMT
cf-cache-status: HIT
age: 1398902
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80ac932f4dc59078-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 976 B
511 B 308ms
307ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1356343793300277&correlator=3256711606324389&eid=44714449&output=ldjh&gdfp_req=1&vrg=202309190101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2Ccd5f0bdc-b9a1-47ac-a657-60582e930ab9&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Da440a8e6f317e132%3AT%3D1695406962%3ART%3D1695406962%3AS%3DALNI_MZPNPfF_qhO-0qKZHuYMsvb-KIYwA&gpic=UID%3D00000c82debb2d9a%3AT%3D1695406962%3ART%3D1695406962%3AS%3DALNI_MapClYZA7mxVXIlOA02p0vpoCBkWg&abxe=1&dt=1695406963091&lmt=1695374569&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2Fkurlss.c%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=439719755.1695406962&ga_sid=1695406963&ga_hid=256585893&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYqfCE8asxSABSAghkEhsKDGlkNS1zeW5jLmNvbRip8ITxqzFIAFICCGQSGQoKcHViY2lkLm9yZxj38oTxqzFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YqfCE8asxSABSAghkEhcKCHJ0YmhvdXNlGKnwhPGrMUgAUgIIZBIZCgp1aWRhcGkuY29tGKjwhPGrMUgAUgIIZA..&dlt=1695406961976&idt=685&prev_scp=ti%3D2508c1a2-aaa7-4e9d-82c2-f41a0a338d80%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D84&adks=1021207636&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66cb5c413a58ee62908c0307f64c2c13ce47524e35758b4e50f555ecd31c2f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 479
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
319 B 92ms
27ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , United States, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://imgsed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://imgsed.com
date: Fri, 22 Sep 2023 18:22:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 181ms
51ms XHR
application/json 99.80.190.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.190.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-190-120.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0c501c5941aa4f5fd72bd336ffc15aa8bada20857e366f1bc421ac495306cb52

Request headers

Referer: https://imgsed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 18:22:43 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://imgsed.com
cache-control: no-cache
x-server: 10.45.12.230
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 72A5 15 KB
6 KB 136ms
49ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=imgsed.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Sep 2023 18:22:42 GMT
server: Kestrel
server-processing-duration-in-ticks: 379663
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
14 KB 490ms
489ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1356343793300277&correlator=1787066720082771&eid=44714449&output=ldjh&gdfp_req=1&vrg=202309190101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2Ca52de8d1-00b1-4968-9f97-16e2f70b7499&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C900x600%7C750x300%7C750x200%7C600x100%7C728x90%7C160x600%7C300x250%7C300x600%7C320x480&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da440a8e6f317e132%3AT%3D1695406962%3ART%3D1695406962%3AS%3DALNI_MZPNPfF_qhO-0qKZHuYMsvb-KIYwA&gpic=UID%3D00000c82debb2d9a%3AT%3D1695406962%3ART%3D1695406962%3AS%3DALNI_MapClYZA7mxVXIlOA02p0vpoCBkWg&abxe=1&dt=1695406963180&lmt=1695374569&adxs=350&adys=393&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2Fkurlss.c%2F&vis=1&psz=900x0&msz=900x0&fws=0&ohw=0&ga_vid=439719755.1695406962&ga_sid=1695406963&ga_hid=256585893&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYqfCE8asxSABSAghkEhkKCnB1YmNpZC5vcmcY9_KE8asxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKnwhPGrMUgAUgIIZBIXCghydGJob3VzZRis84TxqzFIAFICCGoSGQoKdWlkYXBpLmNvbRio8ITxqzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKnwhPGrMUgAUgIIZA..&dlt=1695406961976&idt=685&prev_scp=ti%3D2508c1a2-aaa7-4e9d-82c2-f41a0a338d80%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D84&adks=753181009&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c992d2d6a99a0900541b3c8c7d5723e5124e0a7643d5fe9b1cfd946132a6669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13924
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022308011702000/ Frame BA52 222 KB
62 KB 126ms
32ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022308011702000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

737949416a427a38e1163abf25924a6333f340f94ae4f7f5e890fabfe1057eeb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 22:14:05 GMT
age: 245318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61993
x-xss-protection: 0
server: sffe
etag: "4a4a088a1387c939"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 22:14:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022308011702000/v0/ Frame BA52 15 KB
5 KB 166ms
72ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022308011702000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 22:14:05 GMT
age: 245318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5208
x-xss-protection: 0
server: sffe
etag: "166738ad32285252"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 22:14:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022308011702000/v0/ Frame BA52 94 KB
28 KB 174ms
80ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022308011702000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 22:14:05 GMT
age: 245318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28952
x-xss-protection: 0
server: sffe
etag: "cfd252d60a6db402"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 22:14:05 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022308011702000/v0/ Frame BA52 5 KB
2 KB 190ms
97ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022308011702000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 22:14:05 GMT
age: 245318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1920
x-xss-protection: 0
server: sffe
etag: "a86a0dd8f4aab9b6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 22:14:05 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022308011702000/v0/ Frame BA52 40 KB
13 KB 193ms
100ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022308011702000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 22:14:05 GMT
age: 245318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12942
x-xss-protection: 0
server: sffe
etag: "02797982c4ca8b38"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 22:14:05 GMT

GET
DATA 200
OK truncated
/ Frame BA52 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4e51e52361516353fcace9b5c8d22f13826a5df8ff53b10f211f23a3a6e8717

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 12876327627604005017
tpc.googlesyndication.com/simgad/ Frame BA52 38 KB
39 KB 142ms
15ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12876327627604005017

Requested by

Host: imgsed.com
URL: https://imgsed.com/kurlss.c/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b3f75fbdbcc73bd5497bb509589853b728fa37a355fa1ec4ed8277e0a079906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 12:28:48 GMT
x-content-type-options: nosniff
age: 280435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 16:05:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Sep 2024 12:28:48 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BA52 2 KB
3 KB 162ms
34ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: imgsed.com
URL: https://imgsed.com/kurlss.c/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 01:27:29 GMT
x-content-type-options: nosniff
server: cafe
age: 60914
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 23 Sep 2023 01:27:29 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BA52 295 B
664 B 136ms
9ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: imgsed.com
URL: https://imgsed.com/kurlss.c/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 10884
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 23 Sep 2023 15:21:19 GMT

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 29ms
28ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.09&b=2&r=imgsed.com_auto_728x90_sticky_display_bottom&sy=7432e91e-6c5e-47e6-90a5-ffe408eb6b0d&ts=84&cd=2&pud=330&pus=c&pue=2740&pid=40&pis=c&pie=2781&ppd=81&pps=a&ppe=2822&pcl=2654&ttc=2823&tti=3709&ttif=0&lca=2822&lcak=ppe&lct=2822&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imgsed.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=2508c1a2-aaa7-4e9d-82c2-f41a0a338d80&e=lm&dsReferer=aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01H9HB4JEAEMM803P34XW3M48V
date: Fri, 22 Sep 2023 18:22:43 GMT
cf-cache-status: HIT
age: 1398902
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80ac9330bf0d9078-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame 72A5
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=imgsed.com&sn=ChromeSyncframe&so=0&topUrl=imgsed.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=LehFCHxISTE5OEpaWjduK1BHbDFFRW40YUJXZUhsTUs5aDUvUVF6VlN6MjNmdk5HMUVlTXpNZkxVSGpkaFJkV2loS01VaTl4RUtzdXlpZzJUQ1pVQm9Eek9hQVpYbTdwRGxYVnp6SmxvaDFXNUhVRy9XYzZHTEhJZi9VK2...

420 B
652 B

191ms
27ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=LehFCHxISTE5OEpaWjduK1BHbDFFRW40YUJXZUhsTUs5aDUvUVF6VlN6MjNmdk5HMUVlTXpNZkxVSGpkaFJkV2loS01VaTl4RUtzdXlpZzJUQ1pVQm9Eek9hQVpYbTdwRGxYVnp6SmxvaDFXNUhVRy9XYzZHTEhJZi9VK2FXSHRCdFFzVk54MXFsSkR2aXQ1ZXgvYU02ZFBBUnJObzRlUnQ1MkhiRmZiVkxRRkw5Tm5UUmpPQjNkSzl6ZDdkNE1YYm95VDROSzlZNmZaRmJwTWlmMk5haXZKMnNTcmJPQURZUmRLOWlIQkZiSTQ5aUFNTk5WVnFwTjNsWGlRVGcrbkFmZzR0MmNXS0RDMzJIcG5PQ1Y0d3MzTXFkUT09fA&cppv=2

Requested by

Host: imgsed.com
URL: https://imgsed.com/kurlss.c/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5a7ee3e4e005ec105d372a43b714c81a9df6b68432028a0e55656f51a92cf20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 18:22:43 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1500918
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Sep 2023 18:22:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=LehFCHxISTE5OEpaWjduK1BHbDFFRW40YUJXZUhsTUs5aDUvUVF6VlN6MjNmdk5HMUVlTXpNZkxVSGpkaFJkV2loS01VaTl4RUtzdXlpZzJUQ1pVQm9Eek9hQVpYbTdwRGxYVnp6SmxvaDFXNUhVRy9XYzZHTEhJZi9VK2FXSHRCdFFzVk54MXFsSkR2aXQ1ZXgvYU02ZFBBUnJObzRlUnQ1MkhiRmZiVkxRRkw5Tm5UUmpPQjNkSzl6ZDdkNE1YYm95VDROSzlZNmZaRmJwTWlmMk5haXZKMnNTcmJPQURZUmRLOWlIQkZiSTQ5aUFNTk5WVnFwTjNsWGlRVGcrbkFmZzR0MmNXS0RDMzJIcG5PQ1Y0d3MzTXFkUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 283240
content-length: 0
expires: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 66ms
65ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&e=nai&dsReferer=aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01H9HB4JEAEMM803P34XW3M48V
date: Fri, 22 Sep 2023 18:22:43 GMT
cf-cache-status: HIT
age: 1398902
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80ac93315fb19078-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 28ms
28ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&sn=3&ific=false&e=iar2&dsReferer=aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01H9HB4JEAEMM803P34XW3M48V
date: Fri, 22 Sep 2023 18:22:43 GMT
cf-cache-status: HIT
age: 1398902
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80ac93315fb59078-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 976 B
508 B 285ms
285ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1356343793300277&correlator=2183588244500157&eid=44714449&output=ldjh&gdfp_req=1&vrg=202309190101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C7f252bc2-f8d7-4008-a336-7d7ecbed8d2b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Dce7ff350e2442fa1%3AT%3D1695406962%3ART%3D1695406962%3AS%3DALNI_MYKSXrNMNZZH5bBA-t8GPBhIZ6OIg&gpic=UID%3D00000c82dede251f%3AT%3D1695406962%3ART%3D1695406962%3AS%3DALNI_MYFaUj7r7BitAxHg-pOzTvoCCuaEQ&abxe=1&dt=1695406963418&lmt=1695374569&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2Fkurlss.c%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=439719755.1695406962&ga_sid=1695406963&ga_hid=256585893&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYqfCE8asxSABSAghkEhkKCnB1YmNpZC5vcmcY9_KE8asxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKnwhPGrMUgAUgIIZBIXCghydGJob3VzZRis84TxqzFIAFICCGoSGQoKdWlkYXBpLmNvbRio8ITxqzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGIf0hPGrMUgAUgIIag..&dlt=1695406961976&idt=685&prev_scp=ti%3D2508c1a2-aaa7-4e9d-82c2-f41a0a338d80%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D84&adks=2126474764&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15953a1cd667293c7c79b258f205deb69444e370eb42444d36f791ab2e4f8cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 478
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BA52
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

140ms
46ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H2
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Redirect headers

date: Fri, 22 Sep 2023 18:22:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 12876327627604005017
tpc.googlesyndication.com/simgad/ Frame BA52 38 KB
38 KB 39ms
29ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12876327627604005017

Requested by

Host: imgsed.com
URL: https://imgsed.com/kurlss.c/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b3f75fbdbcc73bd5497bb509589853b728fa37a355fa1ec4ed8277e0a079906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 12:28:48 GMT
x-content-type-options: nosniff
age: 280435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 16:05:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Sep 2024 12:28:48 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BA52 2 KB
3 KB 50ms
40ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: imgsed.com
URL: https://imgsed.com/kurlss.c/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 01:27:29 GMT
x-content-type-options: nosniff
server: cafe
age: 60914
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 23 Sep 2023 01:27:29 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BA52 295 B
353 B 94ms
84ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: imgsed.com
URL: https://imgsed.com/kurlss.c/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 10884
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 23 Sep 2023 15:21:19 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022308011702000/ Frame 27C4 222 KB
61 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022308011702000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

737949416a427a38e1163abf25924a6333f340f94ae4f7f5e890fabfe1057eeb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 22:14:05 GMT
age: 245318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61993
x-xss-protection: 0
server: sffe
etag: "4a4a088a1387c939"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 22:14:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022308011702000/v0/ Frame 27C4 15 KB
5 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022308011702000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 22:14:05 GMT
age: 245318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5208
x-xss-protection: 0
server: sffe
etag: "166738ad32285252"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 22:14:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022308011702000/v0/ Frame 27C4 94 KB
28 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022308011702000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 22:14:05 GMT
age: 245318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28952
x-xss-protection: 0
server: sffe
etag: "cfd252d60a6db402"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 22:14:05 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022308011702000/v0/ Frame 27C4 5 KB
2 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022308011702000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 22:14:05 GMT
age: 245318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1920
x-xss-protection: 0
server: sffe
etag: "a86a0dd8f4aab9b6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 22:14:05 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022308011702000/v0/ Frame 27C4 40 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022308011702000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 22:14:05 GMT
age: 245318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12942
x-xss-protection: 0
server: sffe
etag: "02797982c4ca8b38"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 22:14:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 27C4 6 KB
1 KB 137ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Sep 2023 18:22:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 16:29:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Sep 2023 18:22:43 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 27C4 2 KB
2 KB 29ms
28ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: imgsed.com
URL: https://imgsed.com/kurlss.c/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 01:27:29 GMT
x-content-type-options: nosniff
server: cafe
age: 60914
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 23 Sep 2023 01:27:29 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 27C4 295 B
319 B 28ms
27ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: imgsed.com
URL: https://imgsed.com/kurlss.c/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 10884
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 23 Sep 2023 15:21:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 27C4 0
0 32ms
31ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTt63DH37WbIq37U_5-JHhdTx7xF5Axk1CAc58uJ3gRJky_K-izuV6njCxO5bysPH-5cZz-kc7e9W6DRHgne3q2IkVeNw
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 117ms
117ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=imgsed.com_large_video_user&sy=7432e91e-6c5e-47e6-90a5-ffe408eb6b0d&ts=84&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imgsed.com&mlre=undefined&mlin=0&mlsi=900x600&mlbw=4g&mlcs=NaN&mltp=2508c1a2-aaa7-4e9d-82c2-f41a0a338d80&e=lm&dsReferer=aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01H9HB4JEAEMM803P34XW3M48V
date: Fri, 22 Sep 2023 18:22:43 GMT
cf-cache-status: HIT
age: 1398902
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80ac9333d9c69078-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 74ms
74ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&e=nai&dsReferer=aW1nc2VkLmNvbS9rdXJsc3MuYy8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id: 01H9HB4JEAEMM803P34XW3M48V
date: Fri, 22 Sep 2023 18:22:43 GMT
cf-cache-status: HIT
age: 1398902
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80ac9333f9de9078-FRA

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14736748622654952284/ Frame 27C4 2 KB
2 KB 37ms
36ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14736748622654952284/14763004658117789537

Requested by

Host: imgsed.com
URL: https://imgsed.com/kurlss.c/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3cb5d0807dfbe10f7463bb0355ffb2253344a9094af4a56337a85750f01c4aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 15:06:29 GMT
x-content-type-options: nosniff
age: 530174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2089
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 14:11:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 15 Sep 2024 15:06:29 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4186297262031269492/ Frame 27C4 28 KB
28 KB 37ms
37ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4186297262031269492/14763004658117789537?w=600&h=314

Requested by

Host: imgsed.com
URL: https://imgsed.com/kurlss.c/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a1bb1d4232440beacd0db2e0f7733ad9b452bc6f794fe430355667db95fc7bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:36:03 GMT
x-content-type-options: nosniff
age: 10000
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28734
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 14:24:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Sep 2024 15:36:03 GMT

GET
DATA 200
OK truncated
/ Frame 27C4 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 27C4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08cb9aa9d7385d122fc2146e65d2e4acdd55dcb8c096eb58bab8b0fd7894874c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BA52 0
0 67ms
66ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CovHOctsNZej7MevC7_UP9JaviA6EqPX-cd21hIfQD8brrb6NDhABIJWbyiFglZKbgqwHoAG32eu-AsgBA6kCxf3AjbzdsT7gAgCoAwHIAwiqBKgCT9B9WXm1lMYTODtBBMpZz8mwJWbWA_NiR5WUvaxzn1P9jjgf1HQq7OTV-zhRpsV5x7sgHUrPZJxgudGwhgOlrfOWvxkMyIQMPM39oMD95FqrIjXRWEcZzn9DF3SF6yaIq61btVyYmS29_SS7CILEeIEVc3HTeqp5mpds9Y3tGERAWYaoR1MGdU8SVXuWJdHXi0l-2bE2XaUQTgkCsSU0YlPJoiuck1fFFCKdw6-viTaCozydOJPGyN-joZAf-KuXoBV3ytt8ohEvJ0gEaunHhVFc3iCg1PuHJyurfApZG0YbvSjyWeY9yPg7cJJuA0NBlJHt-OPhPuGuiGhAz3n_D8p7zwhwvwt5x2X5WMq_OSS9Ss12aChUPFl7vrt1lvRjevqAaU4oqePABJj9hraCBOAEAYgFt-2i8T6gBgOAB_K4y3qoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCrzAXSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgl1aHR0cDovL3Byb21vcy5jcm0tbnYuY29tLzMzNi9hbHdheXNvbl9lYXN0ZXJfaW5nbGVzP3V0bV9zb3VyY2U9YWx3YXlzb24mdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9jYW1wYWlnbj1lYXN0ZXJfaW5nbGVzgAoDyAsB2BMD0BUBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=wEJLspYYhX8&uach_m=[]&ase=2&nis=5&cid=CAQSTABpAlJWHJRxbwxG8oWe5CBFrAEEebkZxTFZjdozaAFMhHXX8LTddwG4fqWnHJ7s9hoeOmAgmsv5A__f3PH35aa5zbWKo96NxshOXvwYAQ&cbvp=2
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 27C4 15 KB
16 KB 109ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imgsed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 167441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2024 19:52:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 27C4 15 KB
15 KB 116ms
28ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imgsed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 14:58:03 GMT
x-content-type-options: nosniff
age: 530681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Sep 2024 14:58:03 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 27C4 2 KB
2 KB 54ms
51ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: imgsed.com
URL: https://imgsed.com/kurlss.c/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 01:27:29 GMT
x-content-type-options: nosniff
server: cafe
age: 60915
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 23 Sep 2023 01:27:29 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 27C4 295 B
319 B 55ms
52ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: imgsed.com
URL: https://imgsed.com/kurlss.c/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 10885
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 23 Sep 2023 15:21:19 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 27C4 0
0 70ms
69ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Crc9Cc9sNZf3XDpK_9u8Pt-eo0A6M3LWLXrLf4PmTC4zAtauuARABIJWbyiFglZKbgqwHoAHhhpL9A8gBCakCxf3AjbzdsT7gAgCoAwHIAwqqBKsCT9DAornMaYlN8Fnav5KE-HW_0s9uJb_OQXZNObux0YWSM3v0mVdVCo5LWG4Drtcy73GFT3tAiqPhANz5Xnn8z1FpknKAXiDsEitHF58x5YIhju3nhYaP2GVuBdIWiSIfHsZXzxr3EvaFR3QRe7xIHyN3BMvPmIzE2keBIYzyKjBuUGVjKxkUjU5GOZ51qVwWJuXaianESAXHuZ3p_Z2bBnVzX3qcGRmp5t3MOc8N_TJWMNcyIpIVGQtPyWuEzoq1q1PlJ_URaSsPCfuyzExlr53JysmYD0-PSyS084jZTu3NEngmbwxAcBSx277Fn0EoxqLDn19AYnYspfd_XTcuD7yS5hqFwBCXj8IOThLrXiF6jCtaE8eaop6JI3k_BwDPIkH2ii2-fZABdP7ABMj6hMrSAuAEAYgFv5zj1CCSBQQIBBgBkgUECAUYBKAGLoAHh_ntAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENCiBtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCVdodHRwczovL3d3dy5hY2NvdW50aW5nYWthZGVtaWUuZGUvc2VtaW5hcmUvYmFzaXNzZW1pbmFyLWtvbnplcm5hYnNjaGx1c3NlcnN0ZWxsdW5nLmh0bWyACgPICwGiDAwqCgoI5LSxAu61sQK4E-QD2BMKiBQJ0BUBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=HTasV78jdL4&uach_m=[]&ase=2&nis=5&cid=CAQSPABpAlJWG6BccNFN_pdvYaUKFXdw23ucSM44Sa1LmW4gua3pf4tutSjO85LtMfYbzxSHamLt23enmZz9GRgB&template_id=484&cbvp=2
Requested by: Host: imgsed.com
URL: https://imgsed.com/kurlss.c/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 139ms
71ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309190101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36321737afb3ca8c5b7260e17ec1406e61d7d5de17d92aa2d14e6836b0f6f98d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12104
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 18:22:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 49F9 13 KB
5 KB 26ms
21ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Sep 2023 12:20:34 GMT
expires: Sat, 21 Sep 2024 12:20:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 14EE 829 B
558 B 52ms
35ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f4e5e0be92173339093fc5d97c7dca678c2ac947df54b7a1066bf20636467ab3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c3_Q8DjOjdSg_3wa3kvzpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-c3_Q8DjOjdSg_3wa3kvzpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Sep 2023 18:22:44 GMT
expires: Fri, 22 Sep 2023 18:22:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 49F9 37 KB
14 KB 74ms
25ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 17:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Sep 2024 17:45:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 14EE 0
0 125ms
122ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309190101&jk=1356343793300277&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 49F9 0
10 B 30ms
28ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TX3rGg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:22:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BA52 42 B
64 B 129ms
128ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjBikLliBdz8t2bK08UA0QONDWxtDpwr13rAs8TvPzHSvV_N_Yja6R_t3tAOPUBXpp0IPaZC7Lw3VFtYKwdlgCMYPKAY0Ppheh3uPy5G1jyNZ6medX9T_qSTpp3jLB0AMxbBx0VyciYxOX-_okjI_l0ks5ljg8gMiYzQecp0G-T-RI8irqWodF4ljQUIxKXRK6aFQvYU8wrjhOU3jox8EwuJdAe39_cgzoUN-HeAYQS71qiEmx2SFi_lprrO69bhlQMz0xYeeBOOfoZnRQs2CjKsL9Cx59Qx_BZJYt3sKZj8AfoyZoWCmZtcXhR0acFMnmkOyARIY-hZPr8vxnG0Gv1Ggi6pGGJQO9zlmfHvk6XiwSWG7-UYEVRny6rIL5Uo6r2cmsQoH7P0Kz-ISR_Ug-8sslSwnfz59Eu2bJsSYxSdbI0pEblZFJGxqev5aHuH95AgJlSMkFHGWhkuNwl3SDsrP8ZT8k4aD21KBXXsMy02KlSHm8OZ4FRmBbMUyn1k6RzPnPfZBDtefdM4khmTfow4U0fBHGcrjewZfzQ97etAknGHP8xYG0vTv4aJS9zAcRv0A7pFij0YhdkgknSyEiDghozjbt7np5Mpr71cmaXKUi297d2j8MOc3Swgl_CdlC0xE5X4iQria74VRlPWI651cr3GooZMSwQRA2E7r_Kznwmv3VCPWp9XJ7qvg_65QL1quJFR4wgVP8l0P5J5vdgX5y0HE081AALmftX13J8CSW200fgZ19_4rG6WiURlWyFFFEaVVy3tjIdgtOtGssj0ih33lYIZ_ZW8vHo4-EJhVXsirkoPCm_k_GWgNv_bv34kWrU8n5TYX9Qt2UTV19oyk24qAuvqyqTR0-KlWQFJe0pkbqTRXxlJeZ7dwXDmsfZTqJNMfCmQcm6RY_4mopZPmdJhuk0g_ruBbTsm5ykGU_5E6q4ipd8jCznzDRBeXRtzc2DnZ73K_5UDd52ucM9uI1MDGLLHMoCI-CyC7kI3alLyLPr7hVgxMY4EZL010AmhAxDmh6nnzbAYqmaZw8E8SEGiJv5k_GT5MvyDXYBfK2hs8srACwP-dQ4VIuy9FmX4U7BFxKgerMzdDX7J3Vwh8okoB88yWnSXn0Go11Hht4q6A18LcKa1npSfHHjV7ZEBM-V755-HS0DNkgR7MHqE-jPRdpEUPgfEr4WSC1GtDDIWzQCP9FVlhp-SV81EHKCLDTGcBJbPewyrQQJC2NHHwy7zPEaLp1SXtg0KcuDiXmsY47gHKLzRdE0AobN-tulRpwn_8dvMF-MysBjTqbEy0wWLsAu6c4YoxV_-VjRCe7M4ZLo0Mkd8DfutYx1pUScZahUUONxj3Wq18jiqRZbZKyMZcpHpuv&sai=AMfl-YTpt1bu9u4PbUtD_RxZYtmOOxZZP-dWDXYCQ7MY_Xc0CNaVA8at6UY3U2kLf8RntdRGw6sAohV7Sa_igFZGW3uIeviGfIIseNmKuI9BiEjwYMq8MXXucMAMtX9FDijUZ3seWUHmpCpNrbauQx0asE_XT98kHhF_qdc&sig=Cg0ArKJSzO6yioccLO6wEAE&cid=CAQSTABpAlJWHJRxbwxG8oWe5CBFrAEEebkZxTFZjdozaAFMhHXX8LTddwG4fqWnHJ7s9hoeOmAgmsv5A__f3PH35aa5zbWKo96NxshOXvwYAQ&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1016&mtos=0,0,1016,1016,1016&tos=0,0,1016,0,0&tfs=625&tls=1641&g=100&h=100&tt=1641&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 18:22:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 27C4 42 B
64 B 136ms
136ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUbcXiiCLynT1qzW1A_RttEFMzITZoz1miJ0y_SyPdgd-yvRRHZpuKCq29LxFw58rJXz9pgCtwZ-2rPIF4T8wkkGgfqSN7dpJolqBqretUqfBbQkId9BKq3WUFVO4NWcGTXacqsmSOmzFK&sai=AMfl-YRdB4ChSbt1yDevvjONPDsszmXW6jZw0E468jPTlOx0R5g9AgINKP-nGYtv2rg_hTJQfqsIX3-dsX7-08vGxmmPISAkbRvRyRmbBAu26ywxT3_OBj4zizmSjlSp&sig=Cg0ArKJSzJYVVdNNtmFMEAE&cid=CAQSPABpAlJWG6BccNFN_pdvYaUKFXdw23ucSM44Sa1LmW4gua3pf4tutSjO85LtMfYbzxSHamLt23enmZz9GRgB&id=ampim&o=350,393&d=900,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=341&tls=1341&g=100&h=100&tt=1341&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 18:22:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 128ms
128ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309190101&jk=1356343793300277&bg=!RUalRgnNAAYrDsWMCw47ADQBe5WfOFSwLnGSmtEcz_5EEP8QE76izfR1-YQis7NZVPH41P73Pcro7LaLbXKzfWRVWFt5AgAAATJSAAAACmgBB5kCrge3pG3qje69ge21JthQCN8jrU9kej2f1lDrlgWnadiERr3l4g5qx2G0dcs7Bh-cc0-IviL5TrHJffheJ42fLgDozKISKRex7_dLLnyvsXW0patml_qELFHm9ndDmJlVl3p6nQw-z6PLDyxHhuDUbeh3LN1pz73aDDzPRg7cTdw9okpgH10trGJCmulllXgcaPA-egsjkqa7QV0R-ksTBBlWbKHEJTdlHk8ZrJSkOx5sOlD-PHnoV_ZLOzWM8WWpMQE63sG7aLt-SoCntzoqFQ5fR-fs9eYd2ymzc541MgRRuPTyaxS3BC3jK-Au-f_u-Tmmm71UYn74_Dms3o2itDQHRqRNPkqvP2BpN8w9b9tL8BKxn4rcrRklbouKCQTSQLSgTpOcdlgDKzP-DYmpecbVtlXjGEQBnFhTRz874sQbH2zRl7ZrMp35_bHja9trUnTBGjHYyGxc2u1NlkYP-a0nXMriEBMcQ7W_EO_mj033l7GF4UwI1xDuwatlIjLdYRInl82kd6ID6WlSamO_dWMXHlakKCwLtKKeh8wqJIG3S0ARkx8OUsb_Vd7_iUaL5jv_A33FO7tSM4PolJetAhkx6XigTPcvX13Rs2tjVY0x89SljWWtCHqYwKasgPmj96fPCo1DBpZy2cVxYe75bXkqw6YLP3PXjbdU6LelNQTMR_xntaXUAe-ZLQyi8oG3epUceLqB2hiWF78s7QsGQ2J_sDygfCe91a_ag1FL4UplffBZUR520tyBOIPGnsDn4XDiC1u_mTNwQWMU2-VMS7fdOa0a8NA_o5CplKi4sq06aL6FD0Pj6zW1rFxiC6hFcHQ2GP_mHmWEqLhT5XWGw38_XeL1hFhar-zpU1evqFikc_yK46FQSpfGEf-JUJbgAR-B2cwR8JZfWs4IFuXZ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-21 00:32:46	Name: demandSupplyTi Value: 2508c1a2-aaa7-4e9d-82c2-f41a0a338d80
.demand.supply/	1970-01-20 14:56:48	Name: __cf_bm Value: A7JRerFcukWCKcEuIspqdYRwRYaH98sEpvYDjx5sCj8-1695406962-0-AZcPF0Pnj277wyZq90kyNFC7S+qjVTYWaALZEyNWl15NQqVjlz/MsGb953Bii7hMuDoca6U+O5FFN9GcWszv4JU=
.imgsed.com/	1970-01-21 00:32:46	Name: _ga_GC2VPDBYKB Value: GS1.1.1695406962.1.0.1695406962.0.0.0
.imgsed.com/	1970-01-21 00:32:46	Name: _ga Value: GA1.1.439719755.1695406962
.imgsed.com/	1970-01-21 00:18:22	Name: __gads Value: ID=ce7ff350e2442fa1:T=1695406962:RT=1695406962:S=ALNI_MYKSXrNMNZZH5bBA-t8GPBhIZ6OIg
.imgsed.com/	1970-01-21 00:18:22	Name: __gpi Value: UID=00000c82dede251f:T=1695406962:RT=1695406962:S=ALNI_MYFaUj7r7BitAxHg-pOzTvoCCuaEQ
.criteo.com/	1970-01-21 00:18:22	Name: uid Value: 7e008234-2a28-4563-a0a4-045d504ce4da
.doubleclick.net/	1970-01-21 00:18:22	Name: IDE Value: AHWqTUl85Hkk3927p68YbWjdfHAS1NeCV9p_oGKqscLnHDm9RZE1v4O2SqRUaEX8S_4
.imgsed.com/	1970-01-21 00:18:22	Name: cto_bundle Value: dtVRyV9HM01obW5HSHlYcE1oQzB0V3owekRja2hPcDFvWFA2cUJWdlZiZU1UdWFQc1lkMlVoRWZFYTRESE8yc2FzWm0yZmdaciUyQjJKWHp6N1BCUzRVaURvY3U1Zzg1RmIwNEtvcXFRYktLYnRGUENSZmpVaThWT3ZiMks4UFN3JTJCMVhVYnklMkZLcFdjSUNUWFdKTUlZSEFxb1hCZGclM0QlM0Q
.doubleclick.net/	1970-01-20 14:56:50	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://imgsed.com/kurlss.c/ Message: The resource https://live.demand.supply/p4/v17-10-0/aW1nc2VkLmNvbS8= was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4b715e61a52b13fce2659ffd514b9fa9.safeframe.googlesyndication.com
api.demand.supply
bcp.crwdcntrl.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
d9.imgsed.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
imginn.org
imgsed.com
invstatic101.creativecdn.com
live.demand.supply
mug.criteo.com
pagead2.googlesyndication.com
region1.google-analytics.com
s1.imgsed.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
v.imgsed.com
www.google.com
www.googletagmanager.com
162.19.138.116
178.250.1.11
18.155.129.21
2001:4860:4802:32::36
2600:9000:2250:a200:a:e047:753:6381
2606:4700:10::ac43:266a
2606:4700:20::ac43:4970
2606:4700:3037::6815:1c2c
2606:4700::6810:5514
2606:4700::6810:8616
2a00:1450:4001:801::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2008
2a00:1450:4001:812::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200a
2a02:2638:d::2
2a02:2638:d::d
34.96.70.87
99.80.190.120
077c77f6fb074d290de9aae501eadd70d1fff29e241225bc0dabb6d62c3d32ae
08cb9aa9d7385d122fc2146e65d2e4acdd55dcb8c096eb58bab8b0fd7894874c
0c501c5941aa4f5fd72bd336ffc15aa8bada20857e366f1bc421ac495306cb52
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6
1587e1d7b6fb6ac04238ae9b1c76dba6d7ce26fb85854f046d1154d64eb5ed35
15953a1cd667293c7c79b258f205deb69444e370eb42444d36f791ab2e4f8cad
20debeb73bdeab45aff2c450993de34494e33033b411e02f1dcfbc8f08fa2a5f
2a1bb1d4232440beacd0db2e0f7733ad9b452bc6f794fe430355667db95fc7bb
2c5a98f77e9516f40f64a2f722439753be20901df1986c02cae5daa8a83e2d2c
30ea956b12ae502e529c24365e9422d2428b75595511de013abc64d79eb510e8
30fdc11133842380e5b90e42fd82573bde43728e92200123d935573134d2fb55
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36321737afb3ca8c5b7260e17ec1406e61d7d5de17d92aa2d14e6836b0f6f98d
3a7c3f7a6c1706f9336198d7eedf6c2acf45709778a20a6ee57fb1457b02b93f
3aa23f97006a3cf3f42f767fc53f6c89552401110d2585ea1210c05d5f47b405
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4bd397c48a83b66aa8047f6fc0fc6c82ef65490caef31b44cbcb6fb396d5c2b8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a7ee3e4e005ec105d372a43b714c81a9df6b68432028a0e55656f51a92cf20f
5e5eca9994636002c50b60b00155b79525ca5fb1efb32002d02b709d7489931f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
652eda34d195808a14296f688ea240bea5b713b232c66e5f9dbd9642f93d356f
66cb5c413a58ee62908c0307f64c2c13ce47524e35758b4e50f555ecd31c2f1c
67ca9e6ce320adc1f918def80bfffd966c351c9c4e688f733c163ab5cc786385
68b9837b59dcd2a3e7e6746faf2a682dafc160fa4c64450612753b3586672612
703d57a7249a49c3a7866473880bbde6a165bb36e46b9f1dd36b00f8f673efce
704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
737949416a427a38e1163abf25924a6333f340f94ae4f7f5e890fabfe1057eeb
737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7975a3c1a44a4241b24c728036115c744f08075ad0cd21719a45dcbb5c295377
7ee184fee719a88cf8091674133669e2d8236acd53745d005818a3e22f9460d7
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
880f92107445b73f24619b99c4797d7623acac63152f8b772949c460ca0b4d78
8c992d2d6a99a0900541b3c8c7d5723e5124e0a7643d5fe9b1cfd946132a6669
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9b3f75fbdbcc73bd5497bb509589853b728fa37a355fa1ec4ed8277e0a079906
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3
a919d4e42f00dcc56b180bc91b4bdc195b8e6d6787128283d17b1da9f32308d3
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b8418b3b3401e9ba6f3a17a15fd7f27d3633cda58ba129231631c07720435499
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c12c5de9ee0e73d6f0877a170e1a884ca1ea4976b98fc4b90432de5d650f0061
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
cb2a383a01dfab22b45cb5c4dc34a31aeb4e94bbc8184ff7c0763728bc8269e1
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
d3883e9c612b6e0dceaf72214920d1ad495567e076f1c10699da044a52896bde
da06ff87e7dfaf7a650fd0829aa36e696a7c7749e71f1d33409bf0831bbb1e98
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dcee99a98a72212441b7740bd71c6585a33232466f36c9ff5f54431895e72143
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cb5d0807dfbe10f7463bb0355ffb2253344a9094af4a56337a85750f01c4aa
e4e51e52361516353fcace9b5c8d22f13826a5df8ff53b10f211f23a3a6e8717
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ac855e7ca9ba3c44af3ef8d3e2887bf9063c22b973c0e051211477a18c451b
f4e5e0be92173339093fc5d97c7dca678c2ac947df54b7a1066bf20636467ab3
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

imgsed.com Open in urlscan Pro 2606:4700:20::ac43:4970 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

98 %HTTPS

79 %IPv6

18 Domains

28 Subdomains

24 IPs

4 Countries

1474 kBTransfer

2971 kBSize

10 Cookies

13 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

imgsed.com Open in urlscan Pro
2606:4700:20::ac43:4970 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

98 %
HTTPS

79 %
IPv6

18
Domains

28
Subdomains

24
IPs

4
Countries

1474 kB
Transfer

2971 kB
Size

10
Cookies

93 HTTP transactions
5 data transactions