Submitted URL: http://imgsed.com/
Effective URL: https://imgsed.com/
Submission: On August 06 via manual from IN — Scanned from DE

Summary

This website contacted 41 IPs in 7 countries across 40 domains to perform 126 HTTP transactions. The main IP is 2606:4700:20::681a:a84, located in United States and belongs to CLOUDFLARENET, US. The main domain is imgsed.com. The Cisco Umbrella rank of the primary domain is 367737.
TLS certificate: Issued by GTS CA 1P5 on August 5th 2023. Valid for: 3 months.
This is the only time imgsed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 2606:4700:20:... 13335 (CLOUDFLAR...)
18 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
1 2a02:2638:d::2 44788 (ASN-CRITE...)
1 65.9.66.97 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
1 3.248.0.230 16509 (AMAZON-02)
1 162.19.138.82 16276 (OVH)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 178.250.7.13 44788 (ASN-CRITE...)
8 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:46::42 8075 (MICROSOFT...)
1 184.30.16.183 16625 (AKAMAI-AS)
1 3 2a02:26f0:480... 20940 (AKAMAI-ASN1)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
9 142.250.185.194 15169 (GOOGLE)
1 1 154.59.122.79 174 (COGENT-174)
1 18.192.47.9 16509 (AMAZON-02)
3 3 213.155.156.183 1299 (TWELVE99 ...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 185.89.210.212 29990 (ASN-APPNEX)
1 2600:1901:0:7... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 172.105.232.22 63949 (AKAMAI-LI...)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 185.86.138.151 201081 (SMARTADSE...)
2 2 142.250.186.38 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 167.233.13.224 24940 (HETZNER-AS)
1 92.123.148.9 16625 (AKAMAI-AS)
2 13.42.110.74 16509 (AMAZON-02)
1 18.66.147.41 16509 (AMAZON-02)
2 3.11.46.112 16509 (AMAZON-02)
126 41
Apex Domain
Subdomains
Transfer
23 googlesyndication.com
e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
90 KB
23 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
cm.g.doubleclick.net — Cisco Umbrella Rank: 244
ad.doubleclick.net — Cisco Umbrella Rank: 196
223 KB
18 demand.supply
live.demand.supply — Cisco Umbrella Rank: 45217
39 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 29104
ad4m.at — Cisco Umbrella Rank: 10323
assets.ad4m.at — Cisco Umbrella Rank: 38449
399 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 418
110 KB
5 imgsed.com
imgsed.com — Cisco Umbrella Rank: 367737
s1.imgsed.com — Cisco Umbrella Rank: 688770
13 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 24618
api.webgains.io — Cisco Umbrella Rank: 53518
31 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5239
920 B
3 bing.com
www.bing.com — Cisco Umbrella Rank: 52
14 KB
3 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 1691
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6410
29 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 431
mug.criteo.com — Cisco Umbrella Rank: 2526
7 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 42287
92 KB
2 ad4mat.net
static-de.ad4mat.net — Cisco Umbrella Rank: 152740
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 124981
4 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
113 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
2 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 874
id5-sync.com — Cisco Umbrella Rank: 440
26 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1044
bcp.crwdcntrl.net — Cisco Umbrella Rank: 904
12 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1869
304 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16587
703 B
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 66154
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 61899
438 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 61437
262 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 862
75 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 393
456 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 14829
598 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2300
173 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 42875
611 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 878
465 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 360
146 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1535
668 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1779
584 B
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 5734
32 KB
1 gstatic.com
fonts.gstatic.com
34 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1742
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 369
1 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
13 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1702
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
88 KB
0 aura-dsp.com Failed
sync-dmp.aura-dsp.com Failed
126 40
Domain Requested by
18 live.demand.supply imgsed.com
live.demand.supply
client
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
imgsed.com
e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
11 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
imgsed.com
e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
9 cm.g.doubleclick.net e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
www.googletagservices.com
6 assets.ad4m.at as.ad4m.at
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 www.google.com 1 redirects tpc.googlesyndication.com
imgsed.com
e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
3 d5p.de17a.com 3 redirects
3 www.bing.com 1 redirects e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
3 e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 s1.imgsed.com imgsed.com
s1.imgsed.com
2 api.webgains.io analytics.webgains.io
2 track.webgains.com as.ad4m.at
2 ad.doubleclick.net 2 redirects
2 ams3-ib.adnxs.com e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
cdn.adnxs.com
2 www.googletagservices.com imgsed.com
e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
2 gum.criteo.com 1 redirects static.criteo.net
2 region1.google-analytics.com www.googletagmanager.com
2 imgsed.com 1 redirects
1 analytics.webgains.io track.webgains.com
1 www.awin1.com as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 ssbsync.smartadserver.com e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 a.c.appier.net 1 redirects
1 tr.blismedia.com e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 cms.quantserve.com e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
1 prod-rtb.ad4mat.net e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
1 static-de.ad4mat.net as.ad4m.at
1 x.bidswitch.net e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
1 ums.acuityplatform.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cdn.adnxs.com imgsed.com
1 adsdk.microsoft.com imgsed.com
1 googleads.g.doubleclick.net imgsed.com
1 fonts.gstatic.com fonts.googleapis.com
1 mug.criteo.com
1 id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 www.googletagmanager.com imgsed.com
0 sync-dmp.aura-dsp.com Failed e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
126 54

This site contains links to these domains. Also see Links.

Domain
sulvo.com
Subject Issuer Validity Valid
imgsed.com
GTS CA 1P5
2023-08-05 -
2023-11-03
3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3
2023-02-19 -
2024-02-19
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
cdn.prod.uidapi.com
R3
2023-05-18 -
2023-08-16
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-05 -
2023-10-31
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2022-11-07 -
2023-12-06
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-07 -
2024-05-06
a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-06-27 -
2023-09-25
3 months crt.sh
*.id5-sync.com
R3
2023-07-04 -
2023-10-02
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-19 -
2023-10-18
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
www.google.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 05
2023-04-07 -
2024-04-01
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2022-10-21 -
2023-10-22
a year crt.sh
*.google.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
r.bing.com
Microsoft RSA TLS CA 01
2022-11-15 -
2023-11-15
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4
2023-07-31 -
2023-10-29
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2023-06-09 -
2023-09-07
3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-10 -
2024-03-09
a year crt.sh
*.webgains.com
Amazon RSA 2048 M01
2023-05-15 -
2024-06-13
a year crt.sh
*.webgains.io
Amazon RSA 2048 M01
2023-07-24 -
2024-08-22
a year crt.sh

This page contains 14 frames:

Primary Page: https://imgsed.com/
Frame ID: 678E26ED51441D75306B692165A2328A
Requests: 47 HTTP requests in this frame

Frame: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C0FFA270DC269055A5AE134B267A46E9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=imgsed.com
Frame ID: ADF4C4DA7EA938B3B22582F53F418B3A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1CA8E62DF9BEB7AE4BEA5AD91AF34856
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 12394203C3C223C88A7E66B69717454B
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: B1CAF72807C5100006444BAED277C9B2
Requests: 13 HTTP requests in this frame

Frame: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A94231A91D8202E93D22B36662B1F58B
Requests: 3 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 2657FFCC6C341019E1A615C2BF3BB4D9
Requests: 11 HTTP requests in this frame

Frame: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5A3054A1168DD2A137D22FA92688B275
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ktszdp5kk5m8t75w53sj2aaxfn3pvp8k3nwcv59c04zf4b6ap2ccrg0bqw7gvcfz2872xw21a2ybccnettbhape56v28s76rhw610m65xv19agf20vz4wgtke388ap50bn3szq03fm83nz9mtme99p5ayyn0adps89xbhqejvfnhqp9nmtdgef3sx6rx573mpq8jfvge6kn7c8eay18mmq819t85axre0bdfs84zg1a1tq5a8xjq6vjrq3gfay767304rwvwy6h3798ve7c8mn20m8vwnz3d2rwgqva4gsjetr512p415s503p3v94r0nrhrf2854ghggyqrpr9etmxmzg7fc55wgw52h7gzpadak7jgttsh06v164y9bn380z0r2rvw3yr2vsc02a40rw49g3p3q3j2c0gzyqx5dme1pg8hnyg1nzyvp7j7dgqe7nzyneg70&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: 827FC6FB6E4DC3AE728A505EA77E45DA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DDFFAB65803E608A00F51314858B6562
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8DDD7C92B27CEA7290F35FBE726BF98F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BFEB19E8933B616E769C45A08E853CE9
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=175059%2C13957%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Ae%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C5RECXfEfMekFpH7HMtkCEE1cYSVTp3MCQ96K%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=a70bc009a2b3b5024161f336143cddc0%2F4721337338427664166&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691295959474&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Frame ID: 62ECB98CA4E37034865AA2EDDF8399DA
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

download instagram stories highlights, photos and videos online - imgsed.com

Page URL History Show full URLs

  1. http://imgsed.com/ HTTP 301
    https://imgsed.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

126
Requests

90 %
HTTPS

50 %
IPv6

40
Domains

54
Subdomains

41
IPs

7
Countries

1378 kB
Transfer

3279 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://imgsed.com/ HTTP 301
    https://imgsed.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=imgsed.com&sn=ChromeSyncframe&so=0&topUrl=imgsed.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=_dyUoXxlT0NZak45Nk4zWGVoQlVlUXJhWGVWNVlUTEI3Qy9TaUFmcmVjVjVENjRQNzVDdGtPZkhYMU1WTVRENWdRSS9tbncyUDVPMmJ1NkFZT001SWhNejlISjNOYm45SWlSL3Zzd05aRlBVWldpQ2xIZzJiSDkrN3JqWU1HZ0NJWnVwMmF6bWQ0YVJQemk2RjZ1RE1RVFBla2RNZzFKMlhsekluc0VxSWx5M1M4Q1U2VCtSRVRhWC9GNHY0YlAzVk5vQVpBQW9aTmxpU3VodVl2ZEZ5b2ttLzczL0JOSERhSXZqWFVRSGlrK3ZPV1BkNmNMUmdoNFhxdzRKRUZ6dHVHblN4U2JNdlpnVWFJT0xXUUxjTFB4d3M1Zz09fA&cppv=2
Request Chain 57
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 69
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=9a580975-2b54-404d-bc1c-09b973dc55a2&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=c620a1a2-7262-4a89-a765-3ad2d40dcbc5&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D412b4cc0f3774f7292212a3d196bca98%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_zbovyr&aid=5377463121165820545&wp= HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=412b4cc0f3774f7292212a3d196bca98&SNR=1&GV=2&med=10
Request Chain 85
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFmF4UBQ5Y9TLr3ARx0Xrns&google_cver=1&google_push=AXcoOmQO7NwsDf3dz5jtF3EA6f6dkQ9rP03yYXriRE_xFF3oH2H-1gKLMcb3AKNMUHqDqS78QTvlkYqgs04irkXh3hE02FeKk4Q4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NDA2MDgzMTc2NjczOTA5Mg%3D%3D&google_push=AXcoOmQO7NwsDf3dz5jtF3EA6f6dkQ9rP03yYXriRE_xFF3oH2H-1gKLMcb3AKNMUHqDqS78QTvlkYqgs04irkXh3hE02FeKk4Q4
Request Chain 86
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEGKl5wC6SOtW_SRAziFy9sU&google_cver=1&google_push=AXcoOmQJP1DtQO7ys4gOv6F2VRw1cE5iNQVYpHCuQn0tba6MpYZAWZTCSwEX2h2NHP6fvm3E_vKHcQ0n4cGxMU9yMBMA0IBeEB_a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=809939810033
Request Chain 88
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEN5Hvr_nE-77k3Exm2LMT3g&google_cver=1&google_push=AXcoOmTcLW1fTlZf09dkKXG5Ebb8FG9CeGgZ8mS0SXGEyqaGnY-rR5aISd848fxlKUytd6vI8wn6rGrpzmTT12d8TdzZlNIYxJuvNQ HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEN5Hvr_nE-77k3Exm2LMT3g&google_cver=1&google_push=AXcoOmTcLW1fTlZf09dkKXG5Ebb8FG9CeGgZ8mS0SXGEyqaGnY-rR5aISd848fxlKUytd6vI8wn6rGrpzmTT12d8TdzZlNIYxJuvNQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTcLW1fTlZf09dkKXG5Ebb8FG9CeGgZ8mS0SXGEyqaGnY-rR5aISd848fxlKUytd6vI8wn6rGrpzmTT12d8TdzZlNIYxJuvNQ
Request Chain 105
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKftLZHFWlf3zwNgvd0NUGM&google_cver=1&google_push=AXcoOmT8lUnlAOOMUu5Yzoi_-RRs3-rej3NVuQiljJ22RhYbSF1qjSHblM7IgPb-nq2MqLnQqIHsILWXTS98OSDUdSbZSMfOnrcK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT8lUnlAOOMUu5Yzoi_-RRs3-rej3NVuQiljJ22RhYbSF1qjSHblM7IgPb-nq2MqLnQqIHsILWXTS98OSDUdSbZSMfOnrcK&google_hm=ZTmGAucFTa2NVd3m7VhPpks
Request Chain 107
  • https://a.c.appier.net/gcm?google_gid=CAESEFj57ek83REPlYeJ20o-OaI&google_cver=1&google_push=AXcoOmTFjm6yksQYbEZjk2xEIk2SI0OifSrYPQLhbmUoOzkyzzz41P4wQSHPeDbPPWM78RvYOJwkebvjLvf92tel9fXIZKxabmpE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=YzJTQ0kwWk9DSEtlemM2YzJDRFBaQQ%3D%3D&google_push=AXcoOmTFjm6yksQYbEZjk2xEIk2SI0OifSrYPQLhbmUoOzkyzzz41P4wQSHPeDbPPWM78RvYOJwkebvjLvf92tel9fXIZKxabmpE
Request Chain 108
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEN5Hvr_nE-77k3Exm2LMT3g&google_cver=1&google_push=AXcoOmTSmb_OV805safTaObdU7yOpkanxEPwA_orppvcT_xLdvC10Zw91CFTJ98JYOZR5_rAAUkWH6FtPNk7eg0ITnqCA4R6mTs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTSmb_OV805safTaObdU7yOpkanxEPwA_orppvcT_xLdvC10Zw91CFTJ98JYOZR5_rAAUkWH6FtPNk7eg0ITnqCA4R6mTs
Request Chain 109
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO4XBQG8Hq-YX9jlzzwfN6U&google_cver=1&google_push=AXcoOmRyNIAL8LXlcFHBJEkLDuftKNam7Z1gGmXv5rFv2O5iXgCJsPQ-75LTkM9XEhaf6e2G4X1a9opsBBl2_bGtvQ0S3TUD8dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtZWFkySlQtUy1FQzU3&google_push=AXcoOmRyNIAL8LXlcFHBJEkLDuftKNam7Z1gGmXv5rFv2O5iXgCJsPQ-75LTkM9XEhaf6e2G4X1a9opsBBl2_bGtvQ0S3TUD8dw
Request Chain 117
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3DviewoneidWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Aeoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CN7QjbeYx4ADFSfKuwgd-YsCQA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3DviewoneidWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Aeoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Aeoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Aeoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023080606260087593913861X117683V1226132702MSviewoneidWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Aeoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023080606260087593913861X117683V1226132702MSviewoneidWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Aeoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117683&partnerid=12218

126 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
imgsed.com/
Redirect Chain
  • http://imgsed.com/
  • https://imgsed.com/
2 KB
1 KB
Document
General
Full URL
https://imgsed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34398d4775c6decebdeee7b25496dbd028b3f7be04a649163dfe96e349270e10

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1590
cache-control
public, max-age=10800, immutable
cf-cache-status
HIT
cf-ray
7f2484d8a9809ba6-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 06 Aug 2023 04:25:57 GMT
last-modified
Sun, 06 Aug 2023 02:03:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdIFLSbZxFWiab5s3KnMlqpB9uLYpFwzOWdcvPiGNU69rKSfxSl4g0OXip%2F3Lh60cuJW8qzaYkow%2FMrT49j4eE0eMyE4MU2nGdLRNRPM4o%2B2WxD87w8%2BfL%2F%2FixPgY38qyikQ96m4IwI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-status
MISS

Redirect headers

CF-RAY
7f2484d879422c36-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 06 Aug 2023 04:25:57 GMT
Expires
Sun, 06 Aug 2023 05:25:57 GMT
Location
https://imgsed.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iusPR19TTou8R9cI5J2U4NVi7uz2vX8sNn6M3FrjglKDYLj%2BqHo%2FpUDKbOBQXV0uZ5Kgj7cJISRfWiNbOZV75avey9Yjw%2F22Zu24kqavgEcW%2Byrfezdpi0nKD0blC4A0rJsRQfvsdfc%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
up.js
live.demand.supply/
5 KB
3 KB
Script
General
Full URL
https://live.demand.supply/up.js
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
782fedc9adca0c5dd78406c40b52452f8f7d85b6eacc131573444b5d2b18b81d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nf-request-id
01H70R2PQZ01FWENFCJKXCY5HW
date
Sun, 06 Aug 2023 04:25:58 GMT
content-encoding
br
cf-cache-status
HIT
age
1164
cf-polished
origSize=4392
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"00badb0d20c4bd4460edaae1698fbd9b-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
7f2484d8fe98924d-FRA
link
<https://live.demand.supply/impl.v17.8.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-10-0/aW1nc2VkLmNvbS8=>; rel=preload; as=script
timing-allow-origin
*
art.css
s1.imgsed.com/css/
36 KB
7 KB
Stylesheet
General
Full URL
https://s1.imgsed.com/css/art.css?v58
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c4fe55f050619e96dc1ea93f5a29f6fd50fb47948cb2072bbbebeb0605c059f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jul 2023 03:40:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
885677
etag
W/"64ab7d90-8f47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svlhrlGCEOZd%2BdhffH3dxHzZBYbaljcORBkKeGkIChTaqkxsoVP9KUBccjmDU4FlaqH6LendrwUabdYf4QyWBAoAbKlZGt0yZt6qLDaTJQSDZlu2Lxuic%2B3xz%2BD384%2BvLM7ZpXouqmDn6Mo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7f2484d8d9b39ba6-FRA
expires
Fri, 25 Aug 2023 22:23:31 GMT
js
www.googletagmanager.com/gtag/
263 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
57e680a9691665857f66e4245441b73ffdef341dcdf7502275e16e9e01bdcb5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89775
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 06 Aug 2023 04:25:57 GMT
art.js
s1.imgsed.com/js/
7 KB
3 KB
Script
General
Full URL
https://s1.imgsed.com/js/art.js?v58
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bdf1f48701fc211a6c4150d349274d425e63f93865e7255d6fd1df1316b8f8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jul 2023 03:40:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
885677
etag
W/"64ab7d90-1d6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpUmZ6RkHUEHwHZRkQNuJn7qaVDg6GGNehmaVxyIbDMSDLmHdT1zgQgLB0mT%2BeSqQSV4mPdCqHSPWGiUUpyhuK9dupd8XMIR38QQhu6JGOs%2FmlpbP1cT4Z1tZ0vQntQsEVnxypKSC6HF9MA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7f2484d8d9b49ba6-FRA
expires
Fri, 25 Aug 2023 22:23:31 GMT
search1.png
s1.imgsed.com/img/
332 B
772 B
Image
General
Full URL
https://s1.imgsed.com/img/search1.png
Requested by
Host: s1.imgsed.com
URL: https://s1.imgsed.com/css/art.css?v58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22c15261262c5e2f2a66b8f7569c0dd504f21a19e0c7c98a5144c2278c72c666

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.imgsed.com/css/art.css?v58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
885605
cf-polished
origFmt=png, origSize=828
content-disposition
inline; filename="search1.webp"
content-length
332
cf-bgj
imgq:85,h2pri
last-modified
Wed, 28 Dec 2022 12:10:31 GMT
server
cloudflare
etag
"63ac3237-33c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbHmpE9xEEWrQk4ka4nE0T5QhQYF0EH%2FZcrmXWlvBSWk24GyOZacn%2BKJXdwssryudR5XTSNnHuSFxrd7AcwGvmrEN9nmAiN1sU5ywFOoCC2Y5HRTn3aY8cE0Puqs7vC6%2BeHxbN1AaMeXNCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7f2484d919f69ba6-FRA
expires
Fri, 25 Aug 2023 22:23:32 GMT
collect
region1.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GC2VPDBYKB&gtm=45je3820&_p=1344453831&cid=1615437740.1691295958&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1691295958&sct=1&seg=0&dl=https%3A%2F%2Fimgsed.com%2F&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20imgsed.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:25:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://imgsed.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl.v17.8.0.js
live.demand.supply/
82 KB
27 KB
Script
General
Full URL
https://live.demand.supply/impl.v17.8.0.js
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1adccf6c93cef96635e609eb89bec05a73f42c238f1e1db2bff8200d6c502d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nf-request-id
01H70R2KMCKR8S2R4CFWYG9H82
date
Sun, 06 Aug 2023 04:25:58 GMT
content-encoding
br
cf-cache-status
HIT
age
127333
cf-polished
origSize=83692
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"29a6e854debbf54a926c6c3a6fa297fd-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7f2484da6810924d-FRA
aW1nc2VkLmNvbS8=
live.demand.supply/p4/v16-10-0/
2 KB
894 B
Script
General
Full URL
https://live.demand.supply/p4/v16-10-0/aW1nc2VkLmNvbS8=
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd0698059d8e1719c2d21ebfa7353e2845716957e136b156a20034f6e6dc6aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:58 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7f2484da7811924d-FRA
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?e=ll&d=267&cs=c&dsReferer=aW1nc2VkLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nf-request-id
01H4PV96HZQ385EVDADA07GM2Q
date
Sun, 06 Aug 2023 04:25:58 GMT
cf-cache-status
HIT
age
2472126
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7f2484da8b1368ef-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b91c7f7132284ae21f04877286367498d3ef6a2e597358dd40570c28e827cf3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27948
x-xss-protection
0
server
cafe
etag
709 / 19575 / m202308010101 / config-hash: 16920917814545374618
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 06 Aug 2023 04:25:58 GMT
ds.2.html
live.demand.supply/
413 B
623 B
XHR
General
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nf-request-id
01H4PV9KP7JHKMSX18R4J1Y6Y7
date
Sun, 06 Aug 2023 04:25:58 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2472126
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7f2484da8b1268ef-FRA
alt-svc
h3=":443"; ma=86400
imgsed.com_fluid_sq_index
live.demand.supply/cp/
29 B
373 B
XHR
General
Full URL
https://live.demand.supply/cp/imgsed.com_fluid_sq_index?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aW1nc2VkLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2688d91132f25349b30bcf2767345d5bb4466d1ecf7473f3caff31f300c25c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7f2484da9b2868ef-FRA
alt-svc
h3=":443"; ma=86400
content-length
29
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/
398 KB
126 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 15:21:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
47065
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129167
x-xss-protection
0
server
cafe
etag
5057873641579568274
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 04 Aug 2024 15:21:33 GMT
imgsed.com_auto_728x90_sticky_display_bottom
live.demand.supply/cp/
30 B
373 B
XHR
General
Full URL
https://live.demand.supply/cp/imgsed.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aW1nc2VkLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e53a0dd17294b2d4a02719c1f59973bd168df2f7e179a0eda7476df40797db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7f2484db1b8768ef-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
uid2SecureSignal.js
cdn.prod.uidapi.com/
2 KB
2 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8e00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
null
Date
Sun, 06 Aug 2023 01:26:26 GMT
Via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
Age
10773
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
y7oezcrysu_euw3eFvbYYBytOf9CQa9RQDP99Hw38ts2wAtArYi8-A==
publishertag.ids.js
static.criteo.net/js/ld/
42 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 04:25:58 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
38 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 11:15:11 GMT
content-encoding
gzip
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
61848
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
wp499nqz0tvEEvP3nBcB43TlyTc9rtU9mtKxcGJzl58esZY5LukW7w==
esp.js
cdn.id5-sync.com/api/1.0/
112 KB
26 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Aug 2023 11:32:19 GMT
server
cloudflare
x-amz-request-id
WYJ03SF4665EXAPH
age
2695
etag
W/"25c6f4638264ba52fb77e06351d38d61"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7f2484db48c10414-FRA
x-amz-id-2
IPw2zshTMOj9qvNKrCCoXTp8KGLaJ7ukJIc7DUBXDzOYxd3zAxkJWp25yM6/kBpV8aLA1H1DBkstusOQ1eZ41A==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28003
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4568-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BM6sKjhZ7VqKeFjW2NnUxhc%2BAIwM5BxWPkCDwa5pB4yRNwD2G86lz8Id0dRwsHLczWmVI6hupRDqNet8AdbZHlBkKbM0FX6eWyt7rW0fq2VnthHG7Qml3lKckihqMZiuVZxPPshRYMz6sq2eGY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f2484db4d441c40-FRA
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:58 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
1e344765e483f84cebbb3706836d2b23
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/
1 KB
718 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2423565064123112&correlator=1640572682656771&eid=31076625%2C31076769&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C5b1fcc9a-8fd7-4f9e-af23-7e840d87b75d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=3557535414&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691295958275&lmt=1691287401&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1615437740.1691295958&ga_sid=1691295958&ga_hid=1344453831&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_onhyJwxSABSAghkEhsKDGlkNS1zeW5jLmNvbRj-ieHInDFIAFICCGQSGQoKcHViY2lkLm9yZxj-ieHInDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y_onhyJwxSABSAghkEhcKCHJ0YmhvdXNlGP6J4cicMUgAUgIIZBIZCgp1aWRhcGkuY29tGP6J4cicMUgAUgIIZA..&dlt=1691295957884&idt=360&prev_scp=ti%3D09092d46-a795-4ac5-9e37-349fa93053b9%26interstitials-bid%3D7%26bid-p%3Dgoogle%26bsc%3D70
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78cd6316cf8898d0c588b2addd9c75da15c5c63b7537282d3b4744d7349e3d0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
687
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://imgsed.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C0FF
6 KB
3 KB
Document
General
Full URL
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imgsed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 06 Aug 2023 04:25:58 GMT
expires
Mon, 05 Aug 2024 04:25:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/
37 KB
13 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad426d1dc2d0d527e2ad3f0e36344c25d9893546a49353e19bd991bd1b1638a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 12:56:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
55770
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13114
x-xss-protection
0
server
cafe
etag
13739258740327089956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 04 Aug 2024 12:56:28 GMT
map
bcp.crwdcntrl.net/6/
60 B
330 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.0.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-0-230.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
7576d51eef6950beaf153bd4c93d1f8050aa7f1f88be379b40d835d7c713323b

Request headers

Referer
https://imgsed.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:25:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://imgsed.com
cache-control
no-cache
x-server
10.45.15.98
access-control-allow-credentials
true
content-length
60
expires
0
increment
id5-sync.com/api/esp/
0
319 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://imgsed.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://imgsed.com
date
Sun, 06 Aug 2023 04:25:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame ADF4
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=imgsed.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://imgsed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 06 Aug 2023 04:25:57 GMT
server
Kestrel
server-processing-duration-in-ticks
220373
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame ADF4
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=imgsed.com&sn=ChromeSyncframe&so=0&topUrl=imgsed.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=_dyUoXxlT0NZak45Nk4zWGVoQlVlUXJhWGVWNVlUTEI3Qy9TaUFmcmVjVjVENjRQNzVDdGtPZkhYMU1WTVRENWdRSS9tbncyUDVPMmJ1NkFZT001SWhNejlISjNOYm45SWlSL3Zzd05aRlBVWldpQ2xIZzJiSDkrN3JqWU...
428 B
652 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=_dyUoXxlT0NZak45Nk4zWGVoQlVlUXJhWGVWNVlUTEI3Qy9TaUFmcmVjVjVENjRQNzVDdGtPZkhYMU1WTVRENWdRSS9tbncyUDVPMmJ1NkFZT001SWhNejlISjNOYm45SWlSL3Zzd05aRlBVWldpQ2xIZzJiSDkrN3JqWU1HZ0NJWnVwMmF6bWQ0YVJQemk2RjZ1RE1RVFBla2RNZzFKMlhsekluc0VxSWx5M1M4Q1U2VCtSRVRhWC9GNHY0YlAzVk5vQVpBQW9aTmxpU3VodVl2ZEZ5b2ttLzczL0JOSERhSXZqWFVRSGlrK3ZPV1BkNmNMUmdoNFhxdzRKRUZ6dHVHblN4U2JNdlpnVWFJT0xXUUxjTFB4d3M1Zz09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a815583123c761b2f05b654ceae43e892e3f8d64d8c1aecc0b7f56f127553804
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:25:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1099470
expires
0

Redirect headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:25:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=_dyUoXxlT0NZak45Nk4zWGVoQlVlUXJhWGVWNVlUTEI3Qy9TaUFmcmVjVjVENjRQNzVDdGtPZkhYMU1WTVRENWdRSS9tbncyUDVPMmJ1NkFZT001SWhNejlISjNOYm45SWlSL3Zzd05aRlBVWldpQ2xIZzJiSDkrN3JqWU1HZ0NJWnVwMmF6bWQ0YVJQemk2RjZ1RE1RVFBla2RNZzFKMlhsekluc0VxSWx5M1M4Q1U2VCtSRVRhWC9GNHY0YlAzVk5vQVpBQW9aTmxpU3VodVl2ZEZ5b2ttLzczL0JOSERhSXZqWFVRSGlrK3ZPV1BkNmNMUmdoNFhxdzRKRUZ6dHVHblN4U2JNdlpnVWFJT0xXUUxjTFB4d3M1Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
258986
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308010101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5a68867fa9950352144779960ba6c4c1b846449a3a7c9a3041230f491ced4db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11704
x-xss-protection
0
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=imgsed.com_fluid_sq_index&pdc=0.3836795806884766&ucv=null&e=tcp&dsReferer=aW1nc2VkLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nf-request-id
01H4PV96HZQ385EVDADA07GM2Q
date
Sun, 06 Aug 2023 04:25:58 GMT
cf-cache-status
HIT
age
2472126
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7f2484dc6cad68ef-FRA
ads
securepubads.g.doubleclick.net/gampad/
59 KB
14 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2423565064123112&correlator=2121523683410684&eid=31076625%2C31076769&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C9e1762e5-f19c-4938-8d9d-60bcfa7404f5&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=500x280%7C480x320&ifi=2&adks=3650863032&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691295958470&lmt=1691287401&adxs=550&adys=298&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=500x296&msz=500x296&fws=0&ohw=0&ga_vid=1615437740.1691295958&ga_sid=1691295958&ga_hid=1344453831&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_onhyJwxSABSAghkEhkKCnB1YmNpZC5vcmcYn4rhyJwxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGP6J4cicMUgAUgIIZBIXCghydGJob3VzZRi7iuHInDFIAFICCGoSGQoKdWlkYXBpLmNvbRj-ieHInDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGM2K4cicMUgAUgIIag..&dlt=1691295957884&idt=360&prev_scp=ti%3D09092d46-a795-4ac5-9e37-349fa93053b9%26chrand%3Dy%26pof%3D0%26bid%3D0.22%26bid-p%3Dgoogle%26bsc%3D70
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ea6116fce21d649cea9ddfb6192e154ec4cf55977e1ed47930199415d966eb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14154
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://imgsed.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 06 Aug 2023 04:25:58 GMT
e.js
live.demand.supply/e/
0
480 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=imgsed.com_auto_728x90_sticky_display_bottom&pdc=0.17646834254264832&ucv=null&e=tcp&dsReferer=aW1nc2VkLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nf-request-id
01H4PV96HZQ385EVDADA07GM2Q
date
Sun, 06 Aug 2023 04:25:58 GMT
cf-cache-status
HIT
age
2472126
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7f2484dcdd1368ef-FRA
sdb.css
live.demand.supply/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nf-request-id
01H4B84TTR0HYCCB4BQBXB73YW
date
Sun, 06 Aug 2023 04:25:58 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
2575927
etag
W/"c7e963c0d989e2de7e1130bf3281bc3e-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
7f2484dcdee030d2-FRA
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/x/
0
484 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=bb&r=imgsed.com_auto_728x90_sticky_display_bottom&dsReferer=aW1nc2VkLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nf-request-id
01H4PV96HS6XFV5JN2M3XP0T8Y
date
Sun, 06 Aug 2023 04:25:58 GMT
cf-cache-status
HIT
age
2472126
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7f2484dcdd1668ef-FRA
ads
securepubads.g.doubleclick.net/gampad/
663 B
343 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2423565064123112&correlator=1065630787730077&eid=31076625%2C31076769&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C840219cb-19cc-4356-9a61-e5772cde584b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=3&adks=2562963076&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691295958544&lmt=1691287401&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1615437740.1691295958&ga_sid=1691295958&ga_hid=1344453831&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_onhyJwxSABSAghkEhkKCnB1YmNpZC5vcmcYn4rhyJwxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGP6J4cicMUgAUgIIZBIXCghydGJob3VzZRi7iuHInDFIAFICCGoSGQoKdWlkYXBpLmNvbRj-ieHInDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGM2K4cicMUgAUgIIag..&dlt=1691295957884&idt=360&prev_scp=ti%3D09092d46-a795-4ac5-9e37-349fa93053b9%26chrand%3Dy%26pof%3D0%26bid%3D0.07%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D70
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b4ac30d0eb77eebf393934d0b79bff84fba7ff6741db832854128ba18d684ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://imgsed.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1CA8
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imgsed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
47063
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 05 Aug 2023 15:21:35 GMT
expires
Sun, 04 Aug 2024 15:21:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1239
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
392ee9f60b75e3d8c2761f824fa327a22c91c22b1fd90fdb6aa42eac5eee2a63
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sE5SDL6jS3Bn7YDGoFzjlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://imgsed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-sE5SDL6jS3Bn7YDGoFzjlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 06 Aug 2023 04:25:58 GMT
expires
Sun, 06 Aug 2023 04:25:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
pagead2.googlesyndication.com/bg/ Frame 1CA8
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 12:47:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
142691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14592
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Aug 2024 12:47:47 GMT
e.js
live.demand.supply/e/
0
477 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&e=nai&dsReferer=aW1nc2VkLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nf-request-id
01H4PV96HZQ385EVDADA07GM2Q
date
Sun, 06 Aug 2023 04:25:58 GMT
cf-cache-status
HIT
age
2472126
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7f2484dd1d4d68ef-FRA
ads
securepubads.g.doubleclick.net/gampad/
972 B
508 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2423565064123112&correlator=3068799541695876&eid=31076625%2C31076769&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2Ccd5f0bdc-b9a1-47ac-a657-60582e930ab9&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&adks=1021207636&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D729c629b69bc32c6%3AT%3D1691295958%3ART%3D1691295958%3AS%3DALNI_MaOgAMGo4aF-rX3DvnoXWT2z0QXeQ&gpic=UID%3D00000c4c5d3abe90%3AT%3D1691295958%3ART%3D1691295958%3AS%3DALNI_MamwaJdR9ttmVKNK_vol0XpLg2NzA&abxe=1&dt=1691295958582&lmt=1691287401&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1615437740.1691295958&ga_sid=1691295958&ga_hid=1344453831&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_onhyJwxSABSAghkEhkKCnB1YmNpZC5vcmcYn4rhyJwxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGP6J4cicMUgAUgIIZBIXCghydGJob3VzZRi7iuHInDFIAFICCGoSGQoKdWlkYXBpLmNvbRj-ieHInDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGM2K4cicMUgAUgIIag..&dlt=1691295957884&idt=360&prev_scp=ti%3D09092d46-a795-4ac5-9e37-349fa93053b9%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D70
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58e2a5c4f417cf46e1761c44583118a517bd23b8f79039aa91efe60859e24650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
476
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://imgsed.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1239
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308010101&jk=2423565064123112&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 1CA8
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?7ZFASg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&e=nai&dsReferer=aW1nc2VkLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nf-request-id
01H4PV96HZQ385EVDADA07GM2Q
date
Sun, 06 Aug 2023 04:25:58 GMT
cf-cache-status
HIT
age
2472126
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7f2484deae7468ef-FRA
ads
securepubads.g.doubleclick.net/gampad/
77 KB
23 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2423565064123112&correlator=1558231834948530&eid=31076625%2C31076769&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C7f252bc2-f8d7-4008-a336-7d7ecbed8d2b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=2126474764&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D729c629b69bc32c6%3AT%3D1691295958%3ART%3D1691295958%3AS%3DALNI_MaOgAMGo4aF-rX3DvnoXWT2z0QXeQ&gpic=UID%3D00000c4c5d3abe90%3AT%3D1691295958%3ART%3D1691295958%3AS%3DALNI_MamwaJdR9ttmVKNK_vol0XpLg2NzA&abxe=1&dt=1691295958847&lmt=1691287401&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1615437740.1691295958&ga_sid=1691295958&ga_hid=1344453831&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_onhyJwxSABSAghkEhkKCnB1YmNpZC5vcmcYn4rhyJwxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGP6J4cicMUgAUgIIZBIXCghydGJob3VzZRi7iuHInDFIAFICCGoSGQoKdWlkYXBpLmNvbRj-ieHInDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGM2K4cicMUgAUgIIag..&dlt=1691295957884&idt=360&prev_scp=ti%3D09092d46-a795-4ac5-9e37-349fa93053b9%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D70
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff807b444755e29e7b7c8918980ae87f28bb6a9d595c0696f06a411636612da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23801
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://imgsed.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/
0
478 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=imgsed.com_auto_728x90_sticky_display_bottom&e=nai&dsReferer=aW1nc2VkLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nf-request-id
01H4PV96HZQ385EVDADA07GM2Q
date
Sun, 06 Aug 2023 04:25:58 GMT
cf-cache-status
HIT
age
2472126
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7f2484deee9768ef-FRA
ads
securepubads.g.doubleclick.net/gampad/
36 KB
15 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2423565064123112&correlator=924076681946399&eid=31076625%2C31076769&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C9c715473-72c6-4bfa-b856-e77f61af6bdc&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=6&adks=3042356410&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dcd07b70a1452744c%3AT%3D1691295958%3ART%3D1691295958%3AS%3DALNI_ManG9T2tHshpHgE7wXOfkjlzcEjng&gpic=UID%3D00000c4c5d140b29%3AT%3D1691295958%3ART%3D1691295958%3AS%3DALNI_MasgTo073lodm08AI47xUQVE0Vnzg&abxe=1&dt=1691295958871&lmt=1691287401&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1615437740.1691295958&ga_sid=1691295958&ga_hid=1344453831&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_onhyJwxSABSAghkEhkKCnB1YmNpZC5vcmcYn4rhyJwxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGP6J4cicMUgAUgIIZBIXCghydGJob3VzZRi7iuHInDFIAFICCGoSGQoKdWlkYXBpLmNvbRj-ieHInDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGM2K4cicMUgAUgIIag..&dlt=1691295957884&idt=360&prev_scp=ti%3D09092d46-a795-4ac5-9e37-349fa93053b9%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D70
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcd92596bd174506b332e1764e7a75e95230a43420f1830c0dde454723dc950c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15461
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://imgsed.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307180709000/ Frame B1CA
222 KB
62 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 01 Aug 2023 13:35:44 GMT
age
399014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62064
x-xss-protection
0
server
sffe
etag
"7c75c6afffb97d84"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 31 Jul 2024 13:35:44 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame B1CA
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 01 Aug 2023 13:35:44 GMT
age
399014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5274
x-xss-protection
0
server
sffe
etag
"b24c5d555100d699"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 31 Jul 2024 13:35:44 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame B1CA
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 01 Aug 2023 13:35:44 GMT
age
399014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29021
x-xss-protection
0
server
sffe
etag
"908f04349b1b2df1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 31 Jul 2024 13:35:44 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame B1CA
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 01 Aug 2023 13:35:44 GMT
age
399014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
server
sffe
etag
"5416cfef676738bf"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 31 Jul 2024 13:35:44 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame B1CA
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 01 Aug 2023 13:35:44 GMT
age
399014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13013
x-xss-protection
0
server
sffe
etag
"4da616cd662b7cdb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 31 Jul 2024 13:35:44 GMT
css
fonts.googleapis.com/ Frame B1CA
14 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 06 Aug 2023 04:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 03:09:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 06 Aug 2023 04:25:58 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B1CA
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 04:40:07 GMT
x-content-type-options
nosniff
server
cafe
age
85551
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 06 Aug 2023 04:40:07 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B1CA
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 15:21:19 GMT
x-content-type-options
nosniff
server
cafe
age
47079
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 06 Aug 2023 15:21:19 GMT
e.js
live.demand.supply/e/
0
482 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.22&b=2&r=imgsed.com_fluid_sq_index&sy=63ed93b9-9e49-484b-a42e-0bc61a3a4020&ts=70&cd=2&pud=267&pus=c&pue=338&pid=20&pis=c&pie=359&ppd=103&pps=a&ppe=442&pcl=126&ttc=652&tti=1077&ttif=0&lca=442&lcak=ppe&lct=442&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imgsed.com&mlre=undefined&mlin=0&mlsi=500x280&mlbw=4g&mlcs=NaN&mltp=09092d46-a795-4ac5-9e37-349fa93053b9&e=lm&dsReferer=aW1nc2VkLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nf-request-id
01H4PV96HZQ385EVDADA07GM2Q
date
Sun, 06 Aug 2023 04:25:58 GMT
cf-cache-status
HIT
age
2472126
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7f2484df0eae68ef-FRA
truncated
/ Frame B1CA
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d6ae8f5ab40f0bdb837398c55edd359e012f43509ca6607942cf2def1dbebef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B1CA
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://imgsed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 05:04:01 GMT
x-content-type-options
nosniff
age
84117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 05:04:01 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B1CA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H2
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

date
Sun, 06 Aug 2023 04:25:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame B1CA
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ck70K1iDPZKrDHpOcjuwP8-yB4AXI6sCIcrXbzuG-EeiqtpWLAxABIJWbyiFgleKQgqAHoAG919iZA8gBAeACAKgDAcgDCqoE5QFP0OgN_v0XakqX_tuoyiB38jUZho_FeZ-jYhOThmSac4g5B5Q2fUD1NVX3eK-1NckmCyD5P1U9rNGGiBOUNYeu_SjlsxfOdqa7ePDXYvrQWJ3GWlwO9sHE1feNQ8RHh2BaBwJxMUMtOp6yrTcYwVNVkARtfqD3J6AgtpMPG5VFKGkeq9laOjgCWYRF2cPeioxVt7yPSpAwK7oijcHkgxf2ELwq6VFrR7_CeoEW_HG38vNJJZIqYLjo33-k4voA6Ew-ozzcJDl3duA1NQPAIoXcYWQBQ1E1_S_nxJ-J5qhrImbP1ySuwASJp-mPrATgBAGSBQQIBBgBkgUECAUYBIAH6avaxgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCGkhDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBogwIKgYKBMOwsQLYEw3QFQGAFwGyFx4KHAgAEhRwdWItNzUwNzQzOTIzMzg2NTQxNRj9-RM&sigh=ZjLkDpwQRhQ&uach_m=[]&cid=CAQSSwBpAlJWg9dPr9q2yeLWHACKQDRnjY5DxC5xiTrYdLTFQlEJFXghyFhfVQgiZv5s9mBa6-CmHcwv7q1St0afambXgr09QTbU4EO3qRgB&cbvp=2
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

container.html
e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A942
6 KB
3 KB
Document
General
Full URL
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imgsed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 06 Aug 2023 04:25:58 GMT
expires
Mon, 05 Aug 2024 04:25:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
478 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.2&b=3&r=imgsed.com_auto_interstitial_desktop&sy=63ed93b9-9e49-484b-a42e-0bc61a3a4020&ts=70&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imgsed.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=09092d46-a795-4ac5-9e37-349fa93053b9&e=lm&dsReferer=aW1nc2VkLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nf-request-id
01H4PV96HZQ385EVDADA07GM2Q
date
Sun, 06 Aug 2023 04:25:59 GMT
cf-cache-status
HIT
age
2472127
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7f2484e0d82768ef-FRA
css2
fonts.googleapis.com/ Frame A942
4 KB
767 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 06 Aug 2023 04:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 03:05:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 06 Aug 2023 04:25:59 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 2657
76 KB
32 KB
Script
General
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
Origin
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 06 Aug 2023 04:25:59 GMT
content-encoding
br
last-modified
Fri, 04 Aug 2023 16:08:43 GMT
vary
Accept-Encoding
x-azure-ref
20230806T042559Z-a535qx2we50357butsy2rkm0kn00000002m000000000au8w
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2d401542-301e-0028-22ee-c6a39c000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/239/ Frame 2657
80 KB
27 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 06 Aug 2023 04:25:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27646
Expires
Mon, 05 Aug 2024 04:25:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 2657
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 14:44:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
49275
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 19 Aug 2023 14:44:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 2657
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 13:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
52736
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8261
x-xss-protection
0
server
cafe
etag
3571037177597359341
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 19 Aug 2023 13:47:03 GMT
l
www.google.com/ads/measurement/ Frame 2657
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVlNFyg_wHQgF4eB21hKmZefr6gUna71GahMQk7MUbj-dO9K5Sb_psiumfuysRZZ1OHCSrbBdvKrfae_YiLEwM949vwg
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2657
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 08:18:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
331654
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 01 Aug 2024 08:18:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2657
179 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: imgsed.com
URL: https://imgsed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57430
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690976231057960"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Aug 2023 04:25:59 GMT
c.gif
www.bing.com/aes/ Frame 2657
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=9a580975-2b54-404d-bc1c-09b973dc55a2&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=c620a1a2-7262-4a89-a765-3ad2d40dcbc5&rlin...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=412b4cc0f3774f7292212a3d196bca98&SNR=1&GV=2&med=10
0
547 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=412b4cc0f3774f7292212a3d196bca98&SNR=1&GV=2&med=10
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:25:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3900E3653BE34B329AA520E7DE73ED49 Ref B: DUS30EDGE0409 Ref C: 2023-08-06T04:25:59Z
x-cdn-traceid
0.39d53e17.1691295959.4d020c00
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sun, 06 Aug 2023 04:25:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1C5CFEB3DC1F44DFA0C8BD9082B05221 Ref B: MIL30EDGE1117 Ref C: 2023-08-06T04:25:59Z
x-cdn-traceid
0.39d53e17.1691295959.4d020bd6
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=412b4cc0f3774f7292212a3d196bca98&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame A942
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 13:57:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
52139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8604
x-xss-protection
0
server
cafe
etag
15357628606984112601
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 19 Aug 2023 13:57:00 GMT
container.html
e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5A30
6 KB
3 KB
Document
General
Full URL
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imgsed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 06 Aug 2023 04:25:58 GMT
expires
Mon, 05 Aug 2024 04:25:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=imgsed.com_auto_728x90_sticky_display_bottom&pn=2&sn=3&pc=0.17646834254264832&ds=true&e=wdp&dsReferer=aW1nc2VkLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nf-request-id
01H4PV96HZQ385EVDADA07GM2Q
date
Sun, 06 Aug 2023 04:25:59 GMT
cf-cache-status
HIT
age
2472127
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7f2484e1387968ef-FRA
truncated
/
182 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
834 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=imgsed.com_auto_728x90_sticky_display_bottom&sy=63ed93b9-9e49-484b-a42e-0bc61a3a4020&ts=70&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imgsed.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=09092d46-a795-4ac5-9e37-349fa93053b9&e=lm&dsReferer=aW1nc2VkLmNvbS8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nf-request-id
01H4PV96HZQ385EVDADA07GM2Q
date
Sun, 06 Aug 2023 04:25:59 GMT
cf-cache-status
HIT
age
2472127
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7f2484e1487d68ef-FRA
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308010101&jk=2423565064123112&bg=!mJulm8_NAAZGOVy5Zjk7ADkAdvg8WuPQZ24G1uN7wPD_lNphQH5JueCtfYSBu_K1mESRC50t2MjfrKOvgTXwYm0rMuftzQP02vYCAAAAOVIAAAAHaAEHCgBk54ZzQZB7PET6gkXpaKx7FUUk7TYrq4XUc40CezEMCygPbaOZBO1MgXQU91nuCR56ZlafwcANVraUhdvSgd2NCs6NtSsuHwX3A290mey8AIxKG3RlJoJ68-iziGX7nKd_o54u8pkCpCRs8VLwLqDKy4mHdujU4jzjdO3b1hu5xTMPrPexxYt-6W9OpRmZT9Bo8ZQFNkbx8dAGPQA58o2TQujpFO5nqOogPpoFmW2A7RoZQs6fr__yRR3CrNB6CUqGMeiEKtmywt1wYs0x3psjl601sfD8XEIyDiBKghVBe-6deEZTS4poVSJM3uODkNyuRXF3isAWZzZP91VlMK3JoBavkIolrTCTEt5rg1l3J8xsAyvIaRjI0TXZ4DP3fGQSbbI02FKmg57hMvk1wEg1gsbSQ-44CqjUV1udydBmwBsYwh_Isj_hDNHnqqDJVzrk5BUYqBrk2MSeejHdfkPzz_86r54Bz_fJedL0nC4zNT8PIaT4ZM_s85_vyqdTA4w3cV48MLEdRR5S9qsw_JBGzTlEDkd7PkXuB_u3hGFdvw68q8_bJNpAkNPbtNP9V5IMQMuaRHHzvS9l0PbU9c-sW3MLlBg9I688IQD_30DYj83EUvpTr0pDWZhjIWJbzRMty3izqrnYX9N6ZzYHr49YIqULSByhsVmaZuQwML6qRjqdUU24GOWQnjSYlKkzfOj3ybpbylXtrOAYtImzXlhXb8eoYIx4oQNd6AbUIAh-EWITzoUdsyeK_gigVUMf45huqcvutTicJ_7tYAhIWR7uUx6UoL_qDHO-mERl_KMuQMhUcUdm0Yhs8ml2-ld5mDYEwSD4HlBUysAz63cM6Ce9gh59E48eTrHrHUzw1RVOZxgoVM_9xms0T4zaeXs-I9rD9HkKgKew0UM6PMM4mLlsoX6yf5pE6SQQ8EQVLqYUElIWjRDYLK1mgJl3eY1lH_WFdzQJvmvKrA7x7PnRyDsONKAV9JZN86MlFq8bKLOpCbRCNj7K9SMOvtXoPJKd1s-JSBGRgruzoyfyLcE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

dr
as.ad4m.at/ad/ Frame 827F
2 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1ktszdp5kk5m8t75w53sj2aaxfn3pvp8k3nwcv59c04zf4b6ap2ccrg0bqw7gvcfz2872xw21a2ybccnettbhape56v28s76rhw610m65xv19agf20vz4wgtke388ap50bn3szq03fm83nz9mtme99p5ayyn0adps89xbhqejvfnhqp9nmtdgef3sx6rx573mpq8jfvge6kn7c8eay18mmq819t85axre0bdfs84zg1a1tq5a8xjq6vjrq3gfay767304rwvwy6h3798ve7c8mn20m8vwnz3d2rwgqva4gsjetr512p415s503p3v94r0nrhrf2854ghggyqrpr9etmxmzg7fc55wgw52h7gzpadak7jgttsh06v164y9bn380z0r2rvw3yr2vsc02a40rw49g3p3q3j2c0gzyqx5dme1pg8hnyg1nzyvp7j7dgqe7nzyneg70&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%26client%3Dca-pub-3831894559014614%26adurl%3D
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f74ec069d48e46a541a8d6379a6c21970a1962865d95f6fac456c7168a44d05
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f2484e19db09b37-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 06 Aug 2023 04:25:59 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 5A30
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 14:44:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
49275
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 19 Aug 2023 14:44:44 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DDFF
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3649
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 06 Aug 2023 03:25:10 GMT
etag
48472445140208031
expires
Mon, 07 Aug 2023 03:25:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 5A30
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 13:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
52736
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8261
x-xss-protection
0
server
cafe
etag
3571037177597359341
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 19 Aug 2023 13:47:03 GMT
l
www.google.com/ads/measurement/ Frame 5A30
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTE6cCPZjBHCh6oBEnqY1yt7oL2lVw_FrdrlfIO4AHJsMAxrecDhRJXxPWYTj9GuScbDz--_JKS4YSrvFZJLde8cIEKMg
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5A30
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 08:18:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
331654
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 01 Aug 2024 08:18:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5A30
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57430
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690976231057960"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Aug 2023 04:25:59 GMT
truncated
/ Frame 5A30
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d7206f40e77407c12affae7fd374ebf3c53c1f103e9c37ddad841f21a788d76

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame DDFF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFmF4UBQ5Y9TLr3ARx0Xrns&google_cver=1&google_push=AXcoOmQO7NwsDf3dz5jtF3EA6f6dkQ9rP03yYXriRE_xFF3oH2H-1gKLMcb3AKNMUHqDqS78QTvlkYqgs04irk...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NDA2MDgzMTc2NjczOTA5Mg%3D%3D&google_push=AXcoOmQO7NwsDf3dz5jtF3EA6f6dkQ9rP03yYXriRE_xFF3oH2H-1gKLMcb3AKNMUHqDqS78QTvlkYqgs04irkXh3h...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NDA2MDgzMTc2NjczOTA5Mg%3D%3D&google_push=AXcoOmQO7NwsDf3dz5jtF3EA6f6dkQ9rP03yYXriRE_xFF3oH2H-1gKLMcb3AKNMUHqDqS78QTvlkYqgs04irkXh3hE02FeKk4Q4
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:25:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NDA2MDgzMTc2NjczOTA5Mg%3D%3D&google_push=AXcoOmQO7NwsDf3dz5jtF3EA6f6dkQ9rP03yYXriRE_xFF3oH2H-1gKLMcb3AKNMUHqDqS78QTvlkYqgs04irkXh3hE02FeKk4Q4
Date
Sun, 06 Aug 2023 04:25:59 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame DDFF
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEGKl5wC6SOtW_SRAziFy9sU&google_cver=1&google_push=AXcoOmQJP1DtQO7ys4gOv6F2VRw1cE5iNQVYpHCuQn0tba6MpYZAWZTCSwEX2h2NHP6fvm3E_vKHcQ0n4cGxMU9yMBMA0IBeEB_a
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=809939810033
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=809939810033
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:25:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=809939810033
content-length
0
sync
x.bidswitch.net/ Frame DDFF
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM5deHZlskqxDTgo2Hq78OU&google_cver=1&google_push=AXcoOmQI0Wui1fGbvA3s_Ozd70qu-w1rg_z9P35Vd7bPiRPzaqFWmrw4aSY4qOoWB5NvSgv8OYfWisCLJUpJrW4aHNnkBOwhPhqbNg
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.47.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-47-9.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame DDFF
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEN5Hvr_nE-77k3Exm2LMT3g&google_cver=1&google_push=AXcoOmTcLW1fTlZf09dkKXG5Ebb8FG9CeGgZ8mS0SXGEyqaGnY-rR5aISd848fxlKUytd6vI8wn6rGrpzmTT12d8TdzZlNI...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEN5Hvr_nE-77k3Exm2LMT3g&google_cver=1&google_push=AXcoOmTcLW1fTlZf09dkKXG5Ebb8FG9CeGgZ8mS0SXGEyqaGnY-rR5aISd848fxlKUytd6vI8wn6rGrpzmTT12d8TdzZl...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTcLW1fTlZf09dkKXG5Ebb8FG9CeGgZ8mS0SXGEyqaGnY-rR5aISd848fxlKUytd6vI8wn6rGrpzmTT12d8TdzZlNIYxJuvNQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTcLW1fTlZf09dkKXG5Ebb8FG9CeGgZ8mS0SXGEyqaGnY-rR5aISd848fxlKUytd6vI8wn6rGrpzmTT12d8TdzZlNIYxJuvNQ
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:25:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTcLW1fTlZf09dkKXG5Ebb8FG9CeGgZ8mS0SXGEyqaGnY-rR5aISd848fxlKUytd6vI8wn6rGrpzmTT12d8TdzZlNIYxJuvNQ
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
google
sync-dmp.aura-dsp.com/match/ Frame DDFF
0
0

attr
cm.g.doubleclick.net/pixel/ Frame DDFF
0
139 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KrRzG7t5T5aBdFr8vwJZ-rC7RPk2oVLGEPuhsPbsoCpbHjrzBCktUtRSl5
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 827F
114 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ktszdp5kk5m8t75w53sj2aaxfn3pvp8k3nwcv59c04zf4b6ap2ccrg0bqw7gvcfz2872xw21a2ybccnettbhape56v28s76rhw610m65xv19agf20vz4wgtke388ap50bn3szq03fm83nz9mtme99p5ayyn0adps89xbhqejvfnhqp9nmtdgef3sx6rx573mpq8jfvge6kn7c8eay18mmq819t85axre0bdfs84zg1a1tq5a8xjq6vjrq3gfay767304rwvwy6h3798ve7c8mn20m8vwnz3d2rwgqva4gsjetr512p415s503p3v94r0nrhrf2854ghggyqrpr9etmxmzg7fc55wgw52h7gzpadak7jgttsh06v164y9bn380z0r2rvw3yr2vsc02a40rw49g3p3q3j2c0gzyqx5dme1pg8hnyg1nzyvp7j7dgqe7nzyneg70&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1ktszdp5kk5m8t75w53sj2aaxfn3pvp8k3nwcv59c04zf4b6ap2ccrg0bqw7gvcfz2872xw21a2ybccnettbhape56v28s76rhw610m65xv19agf20vz4wgtke388ap50bn3szq03fm83nz9mtme99p5ayyn0adps89xbhqejvfnhqp9nmtdgef3sx6rx573mpq8jfvge6kn7c8eay18mmq819t85axre0bdfs84zg1a1tq5a8xjq6vjrq3gfay767304rwvwy6h3798ve7c8mn20m8vwnz3d2rwgqva4gsjetr512p415s503p3v94r0nrhrf2854ghggyqrpr9etmxmzg7fc55wgw52h7gzpadak7jgttsh06v164y9bn380z0r2rvw3yr2vsc02a40rw49g3p3q3j2c0gzyqx5dme1pg8hnyg1nzyvp7j7dgqe7nzyneg70&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%26client%3Dca-pub-3831894559014614%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
925971
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1HtRWeQDVwhtqB2cIHJzdAAtOo5VcdcpqT%2BiuTbZ3dwxrZ5rwqa9WMq41yHRvJaccSduwGES%2FWYO0YV1FojosB%2FDv9z41VpD2asa8A%2FjCeBEEZsFHjl7z7S6xlatUADKJZtrO3s%2FBs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f2484e1eddd9b37-FRA
expires
Sun, 06 Aug 2023 05:25:59 GMT
r62eglto.js
ad4m.at/ Frame 827F
25 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ktszdp5kk5m8t75w53sj2aaxfn3pvp8k3nwcv59c04zf4b6ap2ccrg0bqw7gvcfz2872xw21a2ybccnettbhape56v28s76rhw610m65xv19agf20vz4wgtke388ap50bn3szq03fm83nz9mtme99p5ayyn0adps89xbhqejvfnhqp9nmtdgef3sx6rx573mpq8jfvge6kn7c8eay18mmq819t85axre0bdfs84zg1a1tq5a8xjq6vjrq3gfay767304rwvwy6h3798ve7c8mn20m8vwnz3d2rwgqva4gsjetr512p415s503p3v94r0nrhrf2854ghggyqrpr9etmxmzg7fc55wgw52h7gzpadak7jgttsh06v164y9bn380z0r2rvw3yr2vsc02a40rw49g3p3q3j2c0gzyqx5dme1pg8hnyg1nzyvp7j7dgqe7nzyneg70&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
388534
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acF%2B8gzLehMQeFQ1i0UBc%2F4AlaEtvJ%2FSzxk8zlm7EceXYWb1euPUGwsdQNldkhhX8X54%2FoOB9CXia5vMCijpL7y2gvqdRSIr6YNwLghDX1oGaLwU%2BiZ%2BRW9DyZuq3UBQnU6%2BkKA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7f2484e1fdea9b37-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 01 Aug 2023 16:30:15 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 827F
3 KB
4 KB
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
270
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROWo8BOKWTl5ynFBuwYUXIUzCVI4gu5E6LUs5qBqqCnx0Bi5A5fUIvxW9pVvKAYVvpNyI83tbRQW8fR%2FwF2iw33LparCUKGp4LaphpETYiigzUmXQlIdUVqvS62JkWXnWSuqZnMbIZhci80xNKPxl0R8"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7f2484e25d7891d1-FRA
expires
Sun, 06 Aug 2023 04:26:14 GMT
frame.html
ad4m.at/ Frame 8DDD
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1272006
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7f2484e22e0a9bd6-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sun, 06 Aug 2023 04:25:59 GMT
expires
Sun, 09 Jul 2023 00:24:59 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNh%2By2rJXxpHiM9u%2B%2BYSTtxX35PDxxX7A%2Bs2LDnA0P3xRqZkOWNcktBefNMZo3ludPJjGumsrHqya6ws9rUIGtkqwXZQIYWrm33EBpMMX82n39UNxD1DeN4PXraJb8Qwq6TqQos%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
th
www.bing.com/ Frame 2657
13 KB
13 KB
Image
General
Full URL
https://www.bing.com/th?id=OADD2.7215756656667_11EP7CI7PHAQOHSWQD&pid=21.2&c=17&roil=0.0437&roit=0&roir=0.7083&roib=1&w=379&h=198
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ca50aaab91a295ea486cebf2046df797170064e51bb24559a2faf99afb23fc8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.39d53e17.1691295959.4d020c0e
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
12830
alt-svc
h3=":443"; ma=93600
rd_log
ams3-ib.adnxs.com/ Frame 2657
0
533 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fimgsed.com&e=wqT_3QLcA-jcAQAAAwDWAAUBCNbBvKYGEIHF6M77xqXQShgAKjYJZ0lfioPq2j8Re-jwZMwb2j8ZAAAAgBSuEEAhew0SACkRJNAxAAAAwB6F4z8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiC8gWAAQGKAQNVU0SSAQEG8OWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCEmh0dHBzOi8vaW1nc2VkLmNvbYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWTh8-42_6u_jfABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWXzR_6BQQIABAAkAYAmAYAuAYAwQYAAAEjLPA_0AbCjQTaBhYKEAEQLgEAdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHgvIF0gcNCREqASYM2gcGCAUJeOAHAOoHAggA8AeH4wKKCAIQAJUIAACAP5gIAcAI8AY.&s=f1667565943f69f2b2dc13da3d0433efa96b8db7&bdref=https%3A%2F%2Fimgsed.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fimgsed.com%2F,https%3A%2F%2Fe0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2Fe0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:25:59 GMT
an-x-request-uuid
d9bdcc17-dc67-4008-87d6-756d5199b847
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f2484e26dae9070-FRA
content-length
24
content-type
text/plain
date
Sun, 06 Aug 2023 04:25:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3k1AaW%2BPy%2FxuCNna8ZWjGWu7tAMMsW5MaHoGfLCqVE7ltLobxCUk%2BpMckgj9K%2FsMWOcesGKZ%2BHkfOrrhcL5WHP3qA7aTYtWIXqpp9DW9Yhs8Sl6BJALa4xUIKm9lhI7uMMIEKQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-m7pg
rs
ad4m.at/ Frame 827F
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14da112ab7a6d6f06849265e982c64ab8e9660bd4f0d9d285ba23ab8a8add1cc

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hebvh1w%2F3rSViJqQaR40tnVKWhRsHofpZgMwYkdsMZAyJ56PFv095LRwv3Hxs4OX1glnW4xrknLwJfkG6ex%2FXWy2xtNk%2BMvMSF4alrNxuRBFKiDDi2cvUIsvSwTtIXiSmQxIC%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7f2484e29dc69070-FRA
x-backend-server
aa-reachservice-group-europe-west1-m7pg
alt-svc
h3=":443"; ma=86400
adview
securepubads.g.doubleclick.net/pagead/ Frame 5A30
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdlSL1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEiQJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL-AwIE_Hw8SKZT_PSM_Lo3xDlX5y8RVrrFd-52pdGwBkZFMRzPl64AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=M81Ejf_8kGE&uach_m=[UACH]&cid=CAQSPABpAlJW-Xxifhlf3NP-kgD79L2q19U1Otu7n2D_UPq2NcH3bqyheQ9qw6kuEc95bMp4KK76Xxg6CgfgyhgB&cbvp=2&vis=1
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

winResponse
prod-rtb.ad4mat.net/ Frame 5A30
0
103 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hmpg0dwj1z3edahvjd2xjy2cvqpyry8y74h1d4gzpcyhek03w0tzxkejs26xypxzg8phwda4hh1zjfvfqs52fc2wd17se8brkd19f4g3p97x1b01j06v902f4f61nfbdfde9bmcc4kxyssdfpd9y5hn9202rrzf68t6xkvh5f7wams1p8g90dta9hr736yx5bc08serahy9kh44840y5tdsmxrzd9y102vyb8wx3p76vb301a7xn9mhhbv4q4bxwwd8ew4jy58cvt22e2ny82s40rd1nec41be3bb2ws65bqtz166cjzgg24weg0pj666d49b04v6pxj539nrvryzj1r1n2rsfeavg6mhpfna2v8vj8tgwd1gwt4m822pp17d3m8c3dg8he2bjs&b=ZM8g1gANyUQHg4n7AAHOF6xgElTdamLrBrm-VQ&cbvp=2
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 06 Aug 2023 04:25:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BFEB
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3649
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 06 Aug 2023 03:25:10 GMT
etag
48472445140208031
expires
Mon, 07 Aug 2023 03:25:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
vevent
ams3-ib.adnxs.com/ Frame 2657
0
580 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fimgsed.com&e=wqT_3QKAB-iAAwAAAwDWAAUBCNbBvKYGEIHF6M77xqXQShgAKjYJZ0lfioPq2j8Re-jwZMwb2j8ZAAAAgBSuEEAhew0SACkRJNAxAAAAwB6F4z8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiC8gWAAQGKAQNVU0SSAQEG8FiYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCEmh0dHBzOi8vaW1nc2VkLmNvbYADAIgDAZADAJgDCaADAaoDowMKuQJodAkoHHd3dy5iaW5nASrwYS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1jNjIwYTFhMi03MjYyLTRhODktYTc2NS0zYWQyZDQwZGNiYzUmY21FeHBJZD1MVjEmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBjjloAuHJ0eXBlPW51cmwmdGFnSWQ9NjkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkAfF9wMmZfemJvdnlyJmFpZD0ke0FVQ1RJT05fSUR9JndwHRG4UFJJQ0V9EgUxMjA4NRoTNTM3NzQ2MzEyMTE2NTgyMDU0NSIJMzgxODQ2NzE0KgQhVvDeOjhVMlZoY21Ob1FXUWpOekl4TlRVMk9EWXdNek15TWpBak1qTXlNemsxTlRJMk5EVXhNVEkzTnc9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWTh8-42_6u_jfABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWXzR_6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAVEFQEBi2DgBgHyBgIIAIAHAYgHAKAHAcgHgvIF0gcNFWUBJgzaBwYIBQl44AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBg..&s=978b684f2fc7f6d2fefa16531eda92168211da3b&type=nv&nvt=5&jm=1003&px=0&py=0&bw=379&bh=198&sid=7259639301500803122&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:25:59 GMT
an-x-request-uuid
26387e7a-36da-483a-83c7-4ec66db1f038
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rar
as.ad4m.at/ad/ Frame 62EC
11 KB
5 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=175059%2C13957%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Ae%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C5RECXfEfMekFpH7HMtkCEE1cYSVTp3MCQ96K%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=a70bc009a2b3b5024161f336143cddc0%2F4721337338427664166&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691295959474&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f08149f0a3d3ccdc58e1688fbbbbc8bebbdc19b70de68fb588354495f0c138d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1ktszdp5kk5m8t75w53sj2aaxfn3pvp8k3nwcv59c04zf4b6ap2ccrg0bqw7gvcfz2872xw21a2ybccnettbhape56v28s76rhw610m65xv19agf20vz4wgtke388ap50bn3szq03fm83nz9mtme99p5ayyn0adps89xbhqejvfnhqp9nmtdgef3sx6rx573mpq8jfvge6kn7c8eay18mmq819t85axre0bdfs84zg1a1tq5a8xjq6vjrq3gfay767304rwvwy6h3798ve7c8mn20m8vwnz3d2rwgqva4gsjetr512p415s503p3v94r0nrhrf2854ghggyqrpr9etmxmzg7fc55wgw52h7gzpadak7jgttsh06v164y9bn380z0r2rvw3yr2vsc02a40rw49g3p3q3j2c0gzyqx5dme1pg8hnyg1nzyvp7j7dgqe7nzyneg70&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%26client%3Dca-pub-3831894559014614%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f2484e39f2c9bd6-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 06 Aug 2023 04:25:59 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
dpixel
cms.quantserve.com/ Frame BFEB
35 B
465 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIU_jKliBSyJ-QhqXJEIHRE&google_cver=1&google_push=AXcoOmTKNHCDqwjxlvsFveGE5u2GcqxcYNd2-sunK0FH2h8RefDcWXIxC91ryzf-27iHp644nE-IckP1YgeWzFZjkC_xiluC97Jg
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:25:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BFEB
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKftLZHFWlf3zwNgvd0NUGM&google_cver=1&google_push=AXcoOmT8lUnlAOOMUu5Yzoi_-RRs3-rej3NVuQiljJ22RhYbSF1qjSHblM7IgPb-nq2MqLnQqIHsILWXTS9...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT8lUnlAOOMUu5Yzoi_-RRs3-rej3NVuQiljJ22RhYbSF1qjSHblM7IgPb-nq2MqLnQqIHsILWXTS98OSDUdSbZSMfOnrcK&google_hm=ZTmGAucFTa2NVd3m7VhPpks
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT8lUnlAOOMUu5Yzoi_-RRs3-rej3NVuQiljJ22RhYbSF1qjSHblM7IgPb-nq2MqLnQqIHsILWXTS98OSDUdSbZSMfOnrcK&google_hm=ZTmGAucFTa2NVd3m7VhPpks
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:25:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:25:59 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT8lUnlAOOMUu5Yzoi_-RRs3-rej3NVuQiljJ22RhYbSF1qjSHblM7IgPb-nq2MqLnQqIHsILWXTS98OSDUdSbZSMfOnrcK&google_hm=ZTmGAucFTa2NVd3m7VhPpks
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame BFEB
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJt6LIZeGiq_ONLvZSBU9Gg&google_cver=1&google_push=AXcoOmRe58yhHuJv2E6hrmT6iJxb4h7Y83q60iscImYVbE6QewXLEXfzmSpgTEwjjIZoUhsupOI3y-aVV-djrzbNNT-bh_qE41Y
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame BFEB
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEFj57ek83REPlYeJ20o-OaI&google_cver=1&google_push=AXcoOmTFjm6yksQYbEZjk2xEIk2SI0OifSrYPQLhbmUoOzkyzzz41P4wQSHPeDbPPWM78RvYOJwkebvjLvf92tel9fXIZKxabmpE
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=YzJTQ0kwWk9DSEtlemM2YzJDRFBaQQ%3D%3D&google_push=AXcoOmTFjm6yksQYbEZjk2xEIk2SI0OifSrYPQLhbmUoOzkyzzz41P4wQSHPeDbPPWM78RvYOJwkebvjLvf92...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=YzJTQ0kwWk9DSEtlemM2YzJDRFBaQQ%3D%3D&google_push=AXcoOmTFjm6yksQYbEZjk2xEIk2SI0OifSrYPQLhbmUoOzkyzzz41P4wQSHPeDbPPWM78RvYOJwkebvjLvf92tel9fXIZKxabmpE
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:26:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 06 Aug 2023 04:26:00 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=YzJTQ0kwWk9DSEtlemM2YzJDRFBaQQ%3D%3D&google_push=AXcoOmTFjm6yksQYbEZjk2xEIk2SI0OifSrYPQLhbmUoOzkyzzz41P4wQSHPeDbPPWM78RvYOJwkebvjLvf92tel9fXIZKxabmpE
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
243
pixel
cm.g.doubleclick.net/ Frame BFEB
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEN5Hvr_nE-77k3Exm2LMT3g&google_cver=1&google_push=AXcoOmTSmb_OV805safTaObdU7yOpkanxEPwA_orppvcT_xLdvC10Zw91CFTJ98JYOZR5_rAAUkWH6FtPNk7eg0ITnqCA4R...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTSmb_OV805safTaObdU7yOpkanxEPwA_orppvcT_xLdvC10Zw91CFTJ98JYOZR5_rAAUkWH6FtPNk7eg0ITnqCA4R6mTs
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTSmb_OV805safTaObdU7yOpkanxEPwA_orppvcT_xLdvC10Zw91CFTJ98JYOZR5_rAAUkWH6FtPNk7eg0ITnqCA4R6mTs
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:25:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTSmb_OV805safTaObdU7yOpkanxEPwA_orppvcT_xLdvC10Zw91CFTJ98JYOZR5_rAAUkWH6FtPNk7eg0ITnqCA4R6mTs
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame BFEB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO4XBQG8Hq-YX9jlzzwfN6U&google_cver=1&google_push=AXcoOmRyNIAL8LXlcFHBJEkLDuftKNam7Z1gGmXv5rFv2O5iXgCJsPQ-75LTkM9XEhaf6e2G4X1...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtZWFkySlQtUy1FQzU3&google_push=AXcoOmRyNIAL8LXlcFHBJEkLDuftKNam7Z1gGmXv5rFv2O5iXgCJsPQ-75LTkM9XEhaf6e2G4X1a9opsBBl2_bGtvQ0S3TUD8dw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtZWFkySlQtUy1FQzU3&google_push=AXcoOmRyNIAL8LXlcFHBJEkLDuftKNam7Z1gGmXv5rFv2O5iXgCJsPQ-75LTkM9XEhaf6e2G4X1a9opsBBl2_bGtvQ0S3TUD8dw
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:25:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtZWFkySlQtUy1FQzU3&google_push=AXcoOmRyNIAL8LXlcFHBJEkLDuftKNam7Z1gGmXv5rFv2O5iXgCJsPQ-75LTkM9XEhaf6e2G4X1a9opsBBl2_bGtvQ0S3TUD8dw
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
sync
ssbsync.smartadserver.com/api/ Frame BFEB
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBGBWqSuyhmP0rYBJrHwBLc&google_cver=1&google_push=AXcoOmSDJJ7hiutkVE8ymWTMRm90hWGjHkEoH81PSJNiy5_B0x0D8p44MxpvKg4DlpzE24ZvX3uZG_GQiYfaEgLnF_uhYMDovyE
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame BFEB
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JOIPlZlg1GAlBbze83hHuczYzY3H04JSRMSVsllzUIZ6PhTb1Dm2iXlpR7Ml4ve1YbxuMH
Requested by
Host: e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
URL: https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 62EC
114 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C13957%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Ae%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C5RECXfEfMekFpH7HMtkCEE1cYSVTp3MCQ96K%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=a70bc009a2b3b5024161f336143cddc0%2F4721337338427664166&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691295959474&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=175059%2C13957%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Ae%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C5RECXfEfMekFpH7HMtkCEE1cYSVTp3MCQ96K%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=a70bc009a2b3b5024161f336143cddc0%2F4721337338427664166&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691295959474&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
925971
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFURNVg9OMBGQEo2Hkv2vptCxZrD1FWl5LMeVsEnaWYuwQ%2BmtCxEcPqcg6JmbKRZcF83BcRA0P2B8hRVmxaJ8Gl4P7Gh6KpbZZ0be%2BIfgyNE%2Blv%2F1YPmTuA%2B0TW4lFqEAxrBlyV1Qok%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f2484e3cf4d9bd6-FRA
expires
Sun, 06 Aug 2023 05:25:59 GMT
807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
assets.ad4m.at/logo/ Frame 62EC
6 KB
6 KB
Image
General
Full URL
https://assets.ad4m.at/logo/807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C13957%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Ae%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C5RECXfEfMekFpH7HMtkCEE1cYSVTp3MCQ96K%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=a70bc009a2b3b5024161f336143cddc0%2F4721337338427664166&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691295959474&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2024441
cf-polished
origFmt=png, origSize=11357
alt-svc
h3=":443"; ma=86400
content-length
5848
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Jun 2023 08:41:46 GMT
server
cloudflare
etag
"ccfbd2e3feb27487a1f6d1f6b03866aa"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EocJtFeiAOgQAqnKJ1%2FFuuPtZ58%2FImmMnksI9PVbHLYEymMO3g%2BSWLVG%2BgthkoCGf23K59vNCI%2Bl3mczkANFan6AcHBawAq1HlcDxkaJHL71wi1Be2B%2By2vtdxKuG7AqAIYDdXJpXvmaasFD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f2484e3ef089b37-FRA
expires
Mon, 07 Aug 2023 04:25:59 GMT
2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
assets.ad4m.at/ Frame 62EC
183 KB
184 KB
Image
General
Full URL
https://assets.ad4m.at/2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C13957%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Ae%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C5RECXfEfMekFpH7HMtkCEE1cYSVTp3MCQ96K%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=a70bc009a2b3b5024161f336143cddc0%2F4721337338427664166&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691295959474&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
814891
cf-polished
origFmt=png, origSize=289744
alt-svc
h3=":443"; ma=86400
content-length
187558
cf-bgj
imgq:85,h2pri
last-modified
Fri, 23 Jun 2023 11:11:49 GMT
server
cloudflare
etag
"17decb4f4cab809ec8159433a7f13627"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3pH%2BIt96VMS7kdIHbT0X%2F24IrSK3EmO0EEsp833HjemMtgQe9BviVbEOjNATQXUaPLq%2FPjNO8Cl%2FSAgBEwYkcZIDAEszuhUzozAMkE3lyR%2FthUhz98SeGLADQZuDIXRPx%2FBQ%2BlmTJK436Pb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f2484e3ef039b37-FRA
expires
Mon, 07 Aug 2023 04:25:59 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 62EC
53 KB
54 KB
Image
General
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C13957%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Ae%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C5RECXfEfMekFpH7HMtkCEE1cYSVTp3MCQ96K%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=a70bc009a2b3b5024161f336143cddc0%2F4721337338427664166&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691295959474&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1522996
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFZmPu5a5J%2F0761rbngV7cyXkSHLGtB2E4R2qStgG8z8aFU%2BYSz7rdWpD6FlMRR%2FwmyDsk0XWT5tp0UPca51s05PPsqrIgIu%2FkI4NNi7Z75%2FAVe5RS0AGI%2BioC6ZLLQp4J18cv%2F4purxD5lg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f2484e3ef049b37-FRA
expires
Mon, 07 Aug 2023 04:25:59 GMT
AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
assets.ad4m.at/product_image/ Frame 62EC
33 KB
34 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C13957%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Ae%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C5RECXfEfMekFpH7HMtkCEE1cYSVTp3MCQ96K%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=a70bc009a2b3b5024161f336143cddc0%2F4721337338427664166&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691295959474&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289737
cf-polished
qual=85, origFmt=jpeg, origSize=156576
alt-svc
h3=":443"; ma=86400
content-length
34068
cf-bgj
imgq:85,h2pri
last-modified
Tue, 19 Oct 2021 12:48:35 GMT
server
cloudflare
etag
"451fa9b02ae7953b9311aefac697be7e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwCAahCCLhtyydw76KLfLF3NaijIAxFBADsOCHMREgAy8uCEMtKQ6dN%2FzeMlMIXOZntuHGhJllYB7jf9uVjrZu8X9BmFN4%2FBTgM2sIXg0RRUeYuu8ZtqMG3iaA%2BZurSqUuxuzQZ1xryz1btZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f2484e3ef099b37-FRA
expires
Mon, 07 Aug 2023 04:25:59 GMT
/
partner.o2online.de/a/ Frame 62EC
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CN7QjbeYx4ADFSfKuwgd-YsCQA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Aeoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Aeoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023080606260087593913861X117683V1226132702MSviewoneidWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Aeoneid__suite...
49 B
1 KB
Image
General
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023080606260087593913861X117683V1226132702MSviewoneidWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Aeoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023080606260087593913861X117683V1226132702MSviewoneidWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Aeoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117683&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C13957%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Ae%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C5RECXfEfMekFpH7HMtkCEE1cYSVTp3MCQ96K%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=a70bc009a2b3b5024161f336143cddc0%2F4721337338427664166&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691295959474&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 06 Aug 2023 04:26:00 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023080606260087593913861X117683V1226132702MSviewoneidWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Aeoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023080606260087593913861X117683V1226132702MSviewoneidWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Aeoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117683&partnerid=12218
date
Sun, 06 Aug 2023 04:26:00 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 62EC
36 KB
36 KB
Image
General
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C13957%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Ae%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C5RECXfEfMekFpH7HMtkCEE1cYSVTp3MCQ96K%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=a70bc009a2b3b5024161f336143cddc0%2F4721337338427664166&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691295959474&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
989617
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjcVrlA7fi5rskQd48POw9Hwl4fb4rs1jRB5kk4afATJVLaehnYGkmz9AxOve4VEzuRQMUrTH2v5hWA5Sg9e913skMV9x%2FgtonuSxthYHEwja7D%2F121l3RyBUSmYdas7ZCt6mr5TVtaFx7%2FW"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f2484e3ef069b37-FRA
expires
Mon, 07 Aug 2023 04:25:59 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 62EC
38 KB
38 KB
Image
General
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C13957%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Ae%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C5RECXfEfMekFpH7HMtkCEE1cYSVTp3MCQ96K%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=a70bc009a2b3b5024161f336143cddc0%2F4721337338427664166&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691295959474&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2014517
cf-polished
degrade=85, origSize=133780, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
38661
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqiv%2BlJEiC9BPGvkbRIHEkLvHUKd5sgSumhI%2BmrTaS6L98LGbc5%2BXEINaue7OYPGtChvgILfW7XlVD81rECrek3krNqWCW%2FmYKEet8DmCt3CL45qayjgPWbfgnpnL3vwrclncF4%2FSr9ZBdfP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f2484e3ef079b37-FRA
expires
Mon, 07 Aug 2023 04:25:59 GMT
cshow.php
www.awin1.com/ Frame 62EC
43 B
703 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C13957%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Ae%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C5RECXfEfMekFpH7HMtkCEE1cYSVTp3MCQ96K%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=a70bc009a2b3b5024161f336143cddc0%2F4721337338427664166&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691295959474&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 06 Aug 2023 04:25:59 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
link.html
track.webgains.com/ Frame 62EC
1 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hcj8q706qqray8zgnj5mcexhbcnmsgeg2z8xk582bm00ehb5mxrt6f08z80baj9wd89pf63qsymayrrwagysvt2w8367kdmdgryy9ncbqz0zbjqqmac7ncy9n055wjdphy92eq0nmr9mjwbmnpvajfxqwvrtsrxtk64vx10z0xpwh5trzsvfnx1tyt1dahgmaghk7n1p5d9r40m38jhw2ch8wf7vvazqh9bsd48xkqspm3d1k3gwcqj4nvs88vxtqb0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%252526client%25253Dca-pub-3831894559014614%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C13957%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Ae%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C5RECXfEfMekFpH7HMtkCEE1cYSVTp3MCQ96K%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=a70bc009a2b3b5024161f336143cddc0%2F4721337338427664166&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691295959474&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.110.74 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-110-74.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
6e3e7828464a838bee2610cb010cfddef0155e58902d87983f670c5475e6fecd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
last-modified
Sun, 06 Aug 2023 04:25:59 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sun, 06 Aug 2023 04:26:59 GMT
pvClk.min.js
analytics.webgains.io/ Frame 62EC
85 KB
31 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hcj8q706qqray8zgnj5mcexhbcnmsgeg2z8xk582bm00ehb5mxrt6f08z80baj9wd89pf63qsymayrrwagysvt2w8367kdmdgryy9ncbqz0zbjqqmac7ncy9n055wjdphy92eq0nmr9mjwbmnpvajfxqwvrtsrxtk64vx10z0xpwh5trzsvfnx1tyt1dahgmaghk7n1p5d9r40m38jhw2ch8wf7vvazqh9bsd48xkqspm3d1k3gwcqj4nvs88vxtqb0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%252526client%25253Dca-pub-3831894559014614%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9d111b6420f698c67110f8946a9e8509161940d3ec26c48933ee9c2289ecbd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 12:13:07 GMT
content-encoding
gzip
via
1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
last-modified
Fri, 28 Jul 2023 12:12:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
58374
etag
W/"00a433fd3ec769592a019a218791a591"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
-mAFot-6q0qFVyn7wBVpIFySPufSQlr2fL30zy9mMxKPOFyqmYfZ5A==
link.html
track.webgains.com/ Frame 62EC
90 KB
90 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=3756941
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C13957%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Ae%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C5RECXfEfMekFpH7HMtkCEE1cYSVTp3MCQ96K%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=a70bc009a2b3b5024161f336143cddc0%2F4721337338427664166&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691295959474&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.110.74 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-110-74.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
4678201b0274f75c6f34a6810d09fe2e90eb9cd736c0cfd7487f1d7974569c4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 04:25:59 GMT
last-modified
Sun, 06 Aug 2023 04:25:59 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sun, 06 Aug 2023 04:26:59 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B1CA
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst30K8bxPM2HOihegJ1bgXJf5iFaWnWggi22LHU96ZMmwZRy0RPy6HQSEFQ0XfIppiMrsWgBpSi0xu18OSeboTClEIU6TiIAiU3RJr-jPIcOI8mSdpdsoWLScCvU1gA2ZmkxNR84je5nG66&sai=AMfl-YQHNWVD26kX7VKjY3Oi-VTxpctJSS3hhzFqBr_ACOcih6wyCkaO3ihJS4lmpES9iKKcZrg6R2YwivFCFxUtYC_EbCGWH-gb0JZyHcLxU6h73kOiWFi9iAx_31_7CsKIntCujW7RtWLfMxrQ&sig=Cg0ArKJSzCNujqt_oJnGEAE&cid=CAQSSwBpAlJWg9dPr9q2yeLWHACKQDRnjY5DxC5xiTrYdLTFQlEJFXghyFhfVQgiZv5s9mBa6-CmHcwv7q1St0afambXgr09QTbU4EO3qRgB&id=ampim&o=550,298&d=500,320&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=117&tls=1117&g=100&h=100&tt=1117&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:26:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5A30
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEnhyUgVDbBLP4svK9g5XyeY2X8O2c8I06NRV1peGm_5XsD8p2gSj6C0tXFmYxGYnOsFQgftGK8GG0hgckE32z9XZL2l_IuRCw2nzP&sig=Cg0ArKJSzDJ86hunrEPNEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1406&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230802&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3042356410&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691295959237&rpt=93&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:26:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 62EC
16 B
209 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.46.112 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-46-112.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 06 Aug 2023 04:26:01 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.46.112 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-46-112.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sun, 06 Aug 2023 04:26:00 GMT
server
nginx
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GC2VPDBYKB&gtm=45je3820&_p=1344453831&cid=1615437740.1691295958&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1691295958&sct=1&seg=0&dl=https%3A%2F%2Fimgsed.com%2F&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20imgsed.com&en=scroll&epn.percent_scrolled=90&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imgsed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 04:26:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://imgsed.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEIi7vvXzFty22GEi9yULJHo&google_cver=1&google_push=AXcoOmSCbJjdU1O3mQ6KXHleXELYpUW4aXJArwVuq4ity8KPtsic1IQWwT9YafHxbGvM5gMhtZJduDJWQfN99Miv7dWYySnbw-VIBzg

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyDFSS number| demandSupplyCRR object| demandSupply object| googletag object| lh object| dspbjs object| demandSupplyFS object| _app object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id object| __uid2SecureSignalProvider object| __uid2 object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 function| setImmediate function| clearImmediate object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_139 object| Criteo object| Criteo_identitytag_139 object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

29 Cookies

Domain/Path Name / Value
.imgsed.com/ Name: _ga
Value: GA1.1.1615437740.1691295958
.imgsed.com/ Name: _ga_GC2VPDBYKB
Value: GS1.1.1691295958.1.0.1691295958.0.0.0
live.demand.supply/ Name: demandSupplyTi
Value: 09092d46-a795-4ac5-9e37-349fa93053b9
.demand.supply/ Name: __cf_bm
Value: 1agUHLp_hlXqrftBCIX3Pc09O9OkUCMM49gPHLNjSwc-1691295958-0-AZ+SFcO4rkPyb/EnxAPqa222tnJBkisLBWA9xlJz8vZRFuS3YxFzEi0toWqs1E41BREP4YOM9UCv7RteA9Qq0ro=
.criteo.com/ Name: uid
Value: 8c0daead-fd76-47c3-a312-3b63f3ca7caf
.imgsed.com/ Name: cto_bundle
Value: KaSDQ19GMk5TZThsVFV3MjVGYVAxaXV1c1RBYnJsQVJZSiUyRlkyUzR5a3FrZDlIVm9kc2JCWiUyRnhKenJEd3FzTkdGdEJiUHlBNTdPNWRYSnZQbmVZWTg5a1Q2RkEzeFhuUXo3UyUyQkVXUFc3amNGS3pwajBlSEV0eFlWbTZYTyUyQnd0YXRIekhFMmltRng0cm50Y0dPR0lUY0hzSkJaZyUzRCUzRA
.doubleclick.net/ Name: IDE
Value: AHWqTUkc2q_mk60pii5kRvmrKR4GgeNYtG_r4IWKSaGBCka7nPOl7RgJG5VJF6VFnQE
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.imgsed.com/ Name: __gads
Value: ID=786702dcb26873b2:T=1691295958:RT=1691295958:S=ALNI_MZC4lNnrCvfzzE0wzGITn1Qkw5ojA
.imgsed.com/ Name: __gpi
Value: UID=00000c4c5d20c17c:T=1691295958:RT=1691295958:S=ALNI_MawlQLti2zaoM1JbRUVc7eYEDIeoQ
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adfarm1.adition.com/ Name: UserID1
Value: 7264060831766739092
.acuityplatform.com/ Name: auid
Value: 809939810033
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRHIjBEmAmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAURyIwRJgI90aGlyZFBhcnR5VXNlcklkWkNBRVNFR0tsNXdDNlNPdFdfU1JBemlGeTlzVfv7hnZlcnNpb27C+w=="
.de17a.com/ Name: guid
Value: 1.5627158268014422901
.bing.com/ Name: MUID
Value: 0B324F317CB064612C905C547D6D65AF
.quantserve.com/ Name: d
Value: EGMBCQHSKYEA
.quantserve.com/ Name: mc
Value: 64cf20d7-9c1aa-959d7-a77c4
.blismedia.com/ Name: b
Value: 64CF20D7D83A86125E2D85FBBLIS
.ctnsnet.com/ Name: gid_CAESEKftLZHFWlf3zwNgvd0NUGM
Value: 1
.ctnsnet.com/ Name: cid_65398602e7054dad8d55dde6ed584fa6
Value: 1
.awin1.com/ Name: awpv14702
Value: 412871|1691295959|586422f1-3411-11ee-8502-226591661de6
.awin1.com/ Name: AWSESS
Value: 365825:2531885
.doubleclick.net/ Name: APC
Value: AfxxVi5ym_8K1Fduyw3K6iKda8biHSssFT-XaRZDbdA_gyr0O0gYNQ
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY5MTI5NTk2MHZsZWExZGUyMDIzMDgwNjA2MjYwMDg3NTkzOTEzODYxWDExNzY4M1YxMjI2MTMyNzAyTVN2aWV3b25laWRXR2RjcmZkZlBlOWZZSDVIanR4dFhYR2EzU0VUVjNxUzUzQWVvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTI4X1dFQkdBSU5TTU9TVExZMTE3Njgz
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117683_-HTLP&utm_term=AFF_la_117683_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023080606260087593913861X117683V1226132702MSviewoneidWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Aeoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117683&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY5MTI5NTk2MHZsZWExZGUyMDIzMDgwNjA2MjYwMDg3NTkzOTEzODYxWDExNzY4M1YxMjI2MTMyNzAyT
.c.appier.net/ Name: _auid
Value: c2SCI0ZOCHKezc6c2CDPZA
.c.appier.net/ Name: _gu
Value: CAESEFj57ek83REPlYeJ20o-OaI

8 Console Messages

Source Level URL
Text
security error URL: https://as.ad4m.at/ad/dr?ed=1ktszdp5kk5m8t75w53sj2aaxfn3pvp8k3nwcv59c04zf4b6ap2ccrg0bqw7gvcfz2872xw21a2ybccnettbhape56v28s76rhw610m65xv19agf20vz4wgtke388ap50bn3szq03fm83nz9mtme99p5ayyn0adps89xbhqejvfnhqp9nmtdgef3sx6rx573mpq8jfvge6kn7c8eay18mmq819t85axre0bdfs84zg1a1tq5a8xjq6vjrq3gfay767304rwvwy6h3798ve7c8mn20m8vwnz3d2rwgqva4gsjetr512p415s503p3v94r0nrhrf2854ghggyqrpr9etmxmzg7fc55wgw52h7gzpadak7jgttsh06v164y9bn380z0r2rvw3yr2vsc02a40rw49g3p3q3j2c0gzyqx5dme1pg8hnyg1nzyvp7j7dgqe7nzyneg70&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%26client%3Dca-pub-3831894559014614%26adurl%3D
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=175059%2C13957%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CWGdcrfdfPe9fYH5HjtxtXXGa3SETV3qS53Ae%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C5RECXfEfMekFpH7HMtkCEE1cYSVTp3MCQ96K%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=a70bc009a2b3b5024161f336143cddc0%2F4721337338427664166&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691295959474&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j0sqhn9adv5kh2sb1e36jm8qrcry59kezgg8gmfspjg9g0hsg8wnv2vdch7ksjy8d5rnc4rhf0qyryxyscvvv4628y028vxek5cszsm3b8z74x7w4s6bs4enh6vxypv0p4nzf1dmqjmy6rr517bzdkt2bcbywj6xvbffjm2r3pjz09kncf6e1vs7z8kkz07cfv7yqh936h9ebm7ythnkwfct1pjrjr7f4jzgagmphr0md2c639mr7633ncn7ysjg145ed4eyqvhjh7yxx3rgy03sr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2Gbh1iDPZMSSN_uTjuwPl5yHqASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEjAJP0EQVOhNRQL7iuOUb_sDzzGIRo1ATECR7QNeJDrvJxxCt7TNh0rE_2NiHmzL-_TINlXSX8aeH7vNs3UDmIVHtQE5oQ8q1IMuESATxHdkrgepxsOdgdeFLZJKDNs0u6HAau7Tyf5f68H3OSH1DM1xBh3M1mDPk2TkgcKEQoqwd_IMHqzTpl3ZFeEeKtiwtQpG01GR0YT28lPfiP2KonKwDmORrj6-Uqrah-07jl9Nr1DzlCR_0ytUTz0zXS9oB9XfayvqfH7pdUpj-86fD8W3nz6w3U08EqU8WuTgQW7nXM9ylL6IyAd0QOkPKrbiH3hWCMY56gXTf-ztzcde8rviljx5IfIbNU7myjPIn4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0P-SuG899TypBifxSp4O9oUlVx3Q%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
ad.doubleclick.net
ad4m.at
adsdk.microsoft.com
ams3-ib.adnxs.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
bcp.crwdcntrl.net
cdn.adnxs.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dsp.adfarm1.adition.com
e0de82bd025c21618ed622943303c51e.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
imgsed.com
invstatic101.creativecdn.com
live.demand.supply
mug.criteo.com
pagead2.googlesyndication.com
partner.o2online.de
pixel.rubiconproject.com
prod-rtb.ad4mat.net
region1.google-analytics.com
s1.imgsed.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static-de.ad4mat.net
static.criteo.net
sync-dmp.aura-dsp.com
tags.crwdcntrl.net
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
ums.acuityplatform.com
www.awin1.com
www.bing.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
sync-dmp.aura-dsp.com
13.42.110.74
142.250.185.194
142.250.186.38
154.59.122.79
162.19.138.82
167.233.13.224
172.105.232.22
178.250.7.13
18.192.47.9
18.66.147.41
184.30.16.183
185.86.138.151
185.89.210.212
2001:4860:4802:34::36
213.155.156.183
2600:1901:0:76b9::
2600:9000:2057:8e00:a:e047:753:be1
2606:4700:10::6816:3556
2606:4700:20::681a:61b
2606:4700:20::681a:a84
2606:4700:20::681a:ad1
2606:4700::6810:5514
2606:4700::6810:8616
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:46::42
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a02:2638:3::c
2a02:2638:d::2
2a02:26f0:480:22::1726:62f9
3.11.46.112
3.248.0.230
34.96.105.8
34.96.70.87
35.186.193.173
65.9.66.97
69.173.144.139
84.200.5.215
85.114.159.118
92.123.148.9
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d6ae8f5ab40f0bdb837398c55edd359e012f43509ca6607942cf2def1dbebef
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
14da112ab7a6d6f06849265e982c64ab8e9660bd4f0d9d285ba23ab8a8add1cc
1adccf6c93cef96635e609eb89bec05a73f42c238f1e1db2bff8200d6c502d57
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
22c15261262c5e2f2a66b8f7569c0dd504f21a19e0c7c98a5144c2278c72c666
2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea6116fce21d649cea9ddfb6192e154ec4cf55977e1ed47930199415d966eb6
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34398d4775c6decebdeee7b25496dbd028b3f7be04a649163dfe96e349270e10
35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
392ee9f60b75e3d8c2761f824fa327a22c91c22b1fd90fdb6aa42eac5eee2a63
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c
45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2
4678201b0274f75c6f34a6810d09fe2e90eb9cd736c0cfd7487f1d7974569c4b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4f08149f0a3d3ccdc58e1688fbbbbc8bebbdc19b70de68fb588354495f0c138d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57e680a9691665857f66e4245441b73ffdef341dcdf7502275e16e9e01bdcb5b
58e2a5c4f417cf46e1761c44583118a517bd23b8f79039aa91efe60859e24650
5bdf1f48701fc211a6c4150d349274d425e63f93865e7255d6fd1df1316b8f8b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6d7206f40e77407c12affae7fd374ebf3c53c1f103e9c37ddad841f21a788d76
6e3e7828464a838bee2610cb010cfddef0155e58902d87983f670c5475e6fecd
6f74ec069d48e46a541a8d6379a6c21970a1962865d95f6fac456c7168a44d05
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e
7576d51eef6950beaf153bd4c93d1f8050aa7f1f88be379b40d835d7c713323b
782fedc9adca0c5dd78406c40b52452f8f7d85b6eacc131573444b5d2b18b81d
78cd6316cf8898d0c588b2addd9c75da15c5c63b7537282d3b4744d7349e3d0f
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
7b4ac30d0eb77eebf393934d0b79bff84fba7ff6741db832854128ba18d684ea
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8c4fe55f050619e96dc1ea93f5a29f6fd50fb47948cb2072bbbebeb0605c059f
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e
8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
99e53a0dd17294b2d4a02719c1f59973bd168df2f7e179a0eda7476df40797db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a815583123c761b2f05b654ceae43e892e3f8d64d8c1aecc0b7f56f127553804
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad426d1dc2d0d527e2ad3f0e36344c25d9893546a49353e19bd991bd1b1638a8
b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b2688d91132f25349b30bcf2767345d5bb4466d1ecf7473f3caff31f300c25c0
b91c7f7132284ae21f04877286367498d3ef6a2e597358dd40570c28e827cf3d
b9d111b6420f698c67110f8946a9e8509161940d3ec26c48933ee9c2289ecbd0
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bcd92596bd174506b332e1764e7a75e95230a43420f1830c0dde454723dc950c
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c5a68867fa9950352144779960ba6c4c1b846449a3a7c9a3041230f491ced4db
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca50aaab91a295ea486cebf2046df797170064e51bb24559a2faf99afb23fc8b
cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838
ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fbd0698059d8e1719c2d21ebfa7353e2845716957e136b156a20034f6e6dc6aa
ff807b444755e29e7b7c8918980ae87f28bb6a9d595c0696f06a411636612da3