urlscan.io logo urlscan.io
SecurityTrails logo

imageedited.com Open in urlscan Pro
69.163.178.75  Public Scan

Go To Rescan Add Verdict Report
URL: http://imageedited.com/
Submission: On September 13 via manual from JP — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 1 countries across 10 domains to perform 71 HTTP transactions. The main IP is 69.163.178.75, located in Brea, United States and belongs to DREAMHOST-AS, US. The main domain is imageedited.com.
This is the only time imageedited.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 69.163.178.75 26347 (DREAMHOST-AS)
13 142.250.74.130 15169 (GOOGLE)
1 142.250.74.138 15169 (GOOGLE)
12 142.250.74.34 15169 (GOOGLE)
3 142.250.74.46 15169 (GOOGLE)
2 172.217.21.162 15169 (GOOGLE)
4 142.250.74.98 15169 (GOOGLE)
3 142.250.74.106 15169 (GOOGLE)
17 172.217.21.161 15169 (GOOGLE)
6 216.58.207.195 15169 (GOOGLE)
2 216.58.211.3 15169 (GOOGLE)
2 216.58.207.227 15169 (GOOGLE)
1 2 216.58.207.228 15169 (GOOGLE)
71 14
5    69.163.178.75 (Brea, United States)

ASN26347 (DREAMHOST-AS, US)
PTR: sosa4u.com
imageedited.com
13    142.250.74.130 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f2.1e100.net
pagead2.googlesyndication.com
adservice.google.de
1    142.250.74.138 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f10.1e100.net
ajax.googleapis.com
12    142.250.74.34 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s22-in-f2.1e100.net
googleads.g.doubleclick.net
partner.googleadservices.com
adservice.google.de
3    142.250.74.46 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s22-in-f14.1e100.net
www.google-analytics.com
2    172.217.21.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra07s64-in-f162.1e100.net
adservice.google.com
4    142.250.74.98 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s10-in-f2.1e100.net
www.googletagservices.com
3    142.250.74.106 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s10-in-f10.1e100.net
fonts.googleapis.com
17    172.217.21.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra07s64-in-f161.1e100.net
tpc.googlesyndication.com
6    216.58.207.195 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: arn11s04-in-f3.1e100.net
www.gstatic.com
fonts.gstatic.com
2    216.58.211.3 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: muc03s13-in-f3.1e100.net
p4-awxvx37axrutk-6f7aonzastefvyrs-if-v6exp3-v4.metric.gstatic.com
2    216.58.207.227 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: arn09s19-in-f3.1e100.net
p4-gbevyod7mzdkq-ob2vmhfpcqbkfoia-if-v6exp3-v4.metric.gstatic.com
2    216.58.207.228 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: arn09s19-in-f4.1e100.net
www.google.com
Domain Requested by
17 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
12 pagead2.googlesyndication.com imageedited.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
imageedited.com
www.googletagservices.com
5 imageedited.com imageedited.com
4 www.gstatic.com googleads.g.doubleclick.net
4 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
3 www.google-analytics.com imageedited.com
www.google-analytics.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 p4-gbevyod7mzdkq-ob2vmhfpcqbkfoia-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-gbevyod7mzdkq-ob2vmhfpcqbkfoia-if-v6exp3-v4.metric.gstatic.com
2 p4-awxvx37axrutk-6f7aonzastefvyrs-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-awxvx37axrutk-6f7aonzastefvyrs-if-v6exp3-v4.metric.gstatic.com
2 fonts.gstatic.com fonts.googleapis.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ajax.googleapis.com imageedited.com
71 16

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh

This page contains 15 frames:

Primary Page: http://imageedited.com/
Frame ID: 28FB1F18393E85200EC07B865AC5AC93
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Frame ID: ADBEE7B08C683E051ECC15EA9BAFE29E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1228592405957699&output=html&h=280&slotname=3475265347&adk=2695181000&adf=3025194257&pi=t.ma~as.3475265347&w=1200&fwrn=4&fwrnh=100&lmt=1473300960&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fimageedited.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631558240161&bpp=4&bdt=283&idt=345&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4149754805599&frm=20&pv=2&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IWTB14BAIw&p=http%3A//imageedited.com&dtd=359
Frame ID: 5A8F109B1E4750F5050749A58477AA03
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1228592405957699&output=html&adk=1812271804&adf=1573534164&lmt=1473300960&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fimageedited.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1631558240266&bpp=1&bdt=388&idt=262&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4149754805599&frm=20&pv=1&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=267
Frame ID: B024F7F0EFBA478C481096ACE09A5915
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1E9ACD04220B83247DFAA9CDC2FBA0F1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2FE39C09C04BCD8DC4CE20C7BA7BDD1A
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
Frame ID: D9974C69EC56FFFCCB645356F3461CA7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D6E79B8CA9EE20233908179E81568D4B
Requests: 2 HTTP requests in this frame

Frame: https://p4-awxvx37axrutk-6f7aonzastefvyrs-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: A1D11628DD8C82F45C80758E3E6F8793
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: BFD44A5BCEA0F05E10FE5AD243634F95
Requests: 7 HTTP requests in this frame

Frame: https://p4-gbevyod7mzdkq-ob2vmhfpcqbkfoia-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: E4BFD4CC5FC4C9DE5656CD8955A6654D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
Frame ID: 4AA46BAF852179287BF2A073115C0D0D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
Frame ID: 20E6830F1D0F8FDB6A7FB84D164612AE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: AA99CB1F15998D95AE7A6237E3956206
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4A6B8F4B338838878B5BC999A9B47AC1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Image Edited?

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

90 %
HTTPS

0 %
IPv6

10
Domains

16
Subdomains

14
IPs

1
Countries

746 kB
Transfer

2005 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 57
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 63
  • http://www.google-analytics.com/collect?v=1&_v=j93&a=468558814&t=timing&_s=2&dl=http%3A%2F%2Fimageedited.com%2F&ul=en-us&de=UTF-8&dt=Image%20Edited%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2947&pdt=1&dns=105&rrt=0&srt=174&tcp=172&dit=838&clt=838&_gst=838&_gbt=1066&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1594447948.1631558240&tid=UA-21217768-2&_gid=731968509.1631558240&z=1083388829 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j93&a=468558814&t=timing&_s=2&dl=http%3A%2F%2Fimageedited.com%2F&ul=en-us&de=UTF-8&dt=Image%20Edited%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2947&pdt=1&dns=105&rrt=0&srt=174&tcp=172&dit=838&clt=838&_gst=838&_gbt=1066&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1594447948.1631558240&tid=UA-21217768-2&_gid=731968509.1631558240&z=1083388829

71 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
imageedited.com/ 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://imageedited.com/
Protocol
HTTP/1.1
Server
69.163.178.75 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
sosa4u.com
Software
Apache /
Resource Hash
6903797b064234a3d368ec054819dfbc164b949fc0afbbb5eeb429ab0a2cd576

Request headers

Host
imageedited.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 13 Sep 2021 18:37:19 GMT
Server
Apache
Upgrade
h2
Connection
Upgrade, Keep-Alive
Last-Modified
Thu, 08 Sep 2016 02:16:00 GMT
ETag
"22fe-53bf59c5e3800-gzip"
Accept-Ranges
bytes
Cache-Control
max-age=600
Expires
Mon, 13 Sep 2021 18:47:19 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
3297
Keep-Alive
timeout=2, max=100
Content-Type
text/html
site.css
imageedited.com/css/ 		18 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://imageedited.com/css/site.css
Requested by
Host: imageedited.com
URL: http://imageedited.com/
Protocol
HTTP/1.1
Server
69.163.178.75 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
sosa4u.com
Software
Apache /
Resource Hash
04150c9eb6d733deb91a43dd9d630d4f6780580534d2aa0e6bea46eddd6fb44b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
imageedited.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://imageedited.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 18:37:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 May 2015 17:12:14 GMT
Server
Apache
ETag
"4817-516ff3a4ab780-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
6085
Expires
Wed, 13 Oct 2021 18:37:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: imageedited.com
URL: http://imageedited.com/
Protocol
HTTP/1.1
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a3ccfe729f4eb8f11c2f6642c7d241bc017fa6c21d5a9331091e0754dd08dad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 13 Sep 2021 18:37:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
12691634488728168352
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
49519
X-XSS-Protection
0
Expires
Mon, 13 Sep 2021 18:37:19 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.0/ 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js
Requested by
Host: imageedited.com
URL: http://imageedited.com/
Protocol
HTTP/1.1
Server
142.250.74.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f10.1e100.net
Software
sffe /
Resource Hash
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 16:17:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
94783
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33285
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Mon, 12 Sep 2022 16:17:36 GMT
jquery.ui.widget.js
imageedited.com/js/vendor/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://imageedited.com/js/vendor/jquery.ui.widget.js
Requested by
Host: imageedited.com
URL: http://imageedited.com/
Protocol
HTTP/1.1
Server
69.163.178.75 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
sosa4u.com
Software
Apache /
Resource Hash
2a6ace797c9cd5d9dd1fcddf24796fb0835860d7b8719b3a469bf62c512ea48c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
imageedited.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Referer
http://imageedited.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 18:37:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 May 2015 17:12:20 GMT
Server
Apache
ETag
"1c71-516ff3aa64500-gzip"
Vary
Accept-Encoding,User-Agent
Upgrade
h2
Cache-Control
max-age=2592000
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=2, max=100
Content-Length
2488
Expires
Wed, 13 Oct 2021 18:37:19 GMT
jquery.iframe-transport.js
imageedited.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://imageedited.com/js/jquery.iframe-transport.js
Requested by
Host: imageedited.com
URL: http://imageedited.com/
Protocol
HTTP/1.1
Server
69.163.178.75 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
sosa4u.com
Software
Apache /
Resource Hash
cff9ed64c7000eb676119474813c680238228d7a0e77c6ebc1a18ba80853b394

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
imageedited.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Referer
http://imageedited.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 18:37:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 May 2015 17:12:18 GMT
Server
Apache
ETag
"1fe5-516ff3a87c080-gzip"
Vary
Accept-Encoding,User-Agent
Upgrade
h2
Cache-Control
max-age=2592000
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=2, max=100
Content-Length
2242
Expires
Wed, 13 Oct 2021 18:37:20 GMT
jquery.fileupload.js
imageedited.com/js/ 		48 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://imageedited.com/js/jquery.fileupload.js
Requested by
Host: imageedited.com
URL: http://imageedited.com/
Protocol
HTTP/1.1
Server
69.163.178.75 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
sosa4u.com
Software
Apache /
Resource Hash
b706a00b3669faec239643bdf3c140fdb2a9e2fc47721a1cc460b6d612f66785

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
imageedited.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Referer
http://imageedited.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 18:37:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 May 2015 17:12:18 GMT
Server
Apache
ETag
"c0f7-516ff3a87c080-gzip"
Vary
Accept-Encoding,User-Agent
Upgrade
h2
Cache-Control
max-age=2592000
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=2, max=100
Content-Length
10663
Expires
Wed, 13 Oct 2021 18:37:20 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ 		251 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1228592405957699&plah=imageedited.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
3439f40df7ad4714cdd5695d237ce23f6d17b56cf1600a7c8fe4c6616b5353e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95416
x-xss-protection
0
server
cafe
etag
8941794579414213630
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 13 Sep 2021 18:37:20 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/ Frame ADBE 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210908/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://imageedited.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 13 Sep 2021 17:04:16 GMT
expires
Mon, 27 Sep 2021 17:04:16 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
5584
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: imageedited.com
URL: http://imageedited.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5165
date
Mon, 13 Sep 2021 17:11:15 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 13 Sep 2021 19:11:15 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/j/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=468558814&t=pageview&_s=1&dl=http%3A%2F%2Fimageedited.com%2F&ul=en-us&de=UTF-8&dt=Image%20Edited%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1348405967&gjid=238262411&cid=1594447948.1631558240&tid=UA-21217768-2&_gid=731968509.1631558240&_r=1&_slc=1&z=598967816
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://imageedited.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 18:37:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://imageedited.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		205 B
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=imageedited.com&callback=_gfp_s_&client=ca-pub-1228592405957699
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1228592405957699&plah=imageedited.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f2.1e100.net
Software
cafe /
Resource Hash
cdfc0999e63673ade0321ad3ceebf4baa88cc9064482841d204aa8f4e78dc554
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=imageedited.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1228592405957699&plah=imageedited.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 18:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=imageedited.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1228592405957699&plah=imageedited.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f162.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 18:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5A8F 		78 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1228592405957699&output=html&h=280&slotname=3475265347&adk=2695181000&adf=3025194257&pi=t.ma~as.3475265347&w=1200&fwrn=4&fwrnh=100&lmt=1473300960&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fimageedited.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631558240161&bpp=4&bdt=283&idt=345&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4149754805599&frm=20&pv=2&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IWTB14BAIw&p=http%3A//imageedited.com&dtd=359
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1228592405957699&plah=imageedited.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e0e47cab4ea3ad9745d79387f3a98e9435a84fc00eeade5047cf1aae9d75cff9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1228592405957699&output=html&h=280&slotname=3475265347&adk=2695181000&adf=3025194257&pi=t.ma~as.3475265347&w=1200&fwrn=4&fwrnh=100&lmt=1473300960&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fimageedited.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631558240161&bpp=4&bdt=283&idt=345&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4149754805599&frm=20&pv=2&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IWTB14BAIw&p=http%3A//imageedited.com&dtd=359
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://imageedited.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 13 Sep 2021 18:37:21 GMT
server
cafe
content-length
26699
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 13-Sep-2021 18:52:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 13 Sep 2021 18:37:21 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1228592405957699&plah=imageedited.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
sffe /
Resource Hash
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:37:20 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273431406706"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
expires
Mon, 13 Sep 2021 18:37:20 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B024 		217 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1228592405957699&output=html&adk=1812271804&adf=1573534164&lmt=1473300960&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fimageedited.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1631558240266&bpp=1&bdt=388&idt=262&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4149754805599&frm=20&pv=1&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=267
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1228592405957699&plah=imageedited.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f2.1e100.net
Software
cafe /
Resource Hash
89e5697431812d10474d6b0852f6a5f333d6a8e799aa91b4e2744e58a1df1681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1228592405957699&output=html&adk=1812271804&adf=1573534164&lmt=1473300960&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fimageedited.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1631558240266&bpp=1&bdt=388&idt=262&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4149754805599&frm=20&pv=1&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=267
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://imageedited.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 13 Sep 2021 18:37:21 GMT
server
cafe
content-length
56922
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 13-Sep-2021 18:52:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 13 Sep 2021 18:37:21 GMT
cache-control
private
css
fonts.googleapis.com/ Frame 5A8F 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1228592405957699&output=html&h=280&slotname=3475265347&adk=2695181000&adf=3025194257&pi=t.ma~as.3475265347&w=1200&fwrn=4&fwrnh=100&lmt=1473300960&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fimageedited.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631558240161&bpp=4&bdt=283&idt=345&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4149754805599&frm=20&pv=2&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IWTB14BAIw&p=http%3A//imageedited.com&dtd=359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 16:46:12 GMT
server
ESF
date
Mon, 13 Sep 2021 18:37:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Sep 2021 18:37:21 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 5A8F 		1 KB
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1228592405957699&output=html&h=280&slotname=3475265347&adk=2695181000&adf=3025194257&pi=t.ma~as.3475265347&w=1200&fwrn=4&fwrnh=100&lmt=1473300960&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fimageedited.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631558240161&bpp=4&bdt=283&idt=345&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4149754805599&frm=20&pv=2&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IWTB14BAIw&p=http%3A//imageedited.com&dtd=359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:35:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 18:35:11 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5A8F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZYjIYJo_YdrNIsjjywXH5bXQDKDyvOphzfKqt_cNpOfy7ZUCEAEg0_STDmCV4pCCoAegAanV7MICyAEJqQL5UZX5S9CzPqgDAcgDywSqBLYBT9AVkjJSDC9wnOmAMjyDDUDt8pVTQdTk9fRj69lxBoXYtKTDcAfWJGhyW3CyRbanGl4enHL5SqYWsSU0OHPjn8GTjWx_g39TD9-6buNhn2-bsIc1uJeKOHYfPc2ZlkkXyLAkBp2iaoV8huxFkAvKVTx5YHa0AZaPEKU-x49Mtk41qA_Am1ogbt1gU72joMIIpEnkHHJB9I78qwRtqVqygDyTFQ8z77-ntsqxJJi206x-5XDcRUXABMHMi-3MA5IFBAgEGAGSBQQIBRgEoAYugAe_qpO9AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQjI0W0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMjI4NTkyNDA1OTU3Njk5GAA&sigh=mom4OopiQk4&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1228592405957699&output=html&h=280&slotname=3475265347&adk=2695181000&adf=3025194257&pi=t.ma~as.3475265347&w=1200&fwrn=4&fwrnh=100&lmt=1473300960&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fimageedited.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631558240161&bpp=4&bdt=283&idt=345&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4149754805599&frm=20&pv=2&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IWTB14BAIw&p=http%3A//imageedited.com&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1228592405957699&output=html&h=280&slotname=3475265347&adk=2695181000&adf=3025194257&pi=t.ma~as.3475265347&w=1200&fwrn=4&fwrnh=100&lmt=1473300960&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fimageedited.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631558240161&bpp=4&bdt=283&idt=345&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4149754805599&frm=20&pv=2&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IWTB14BAIw&p=http%3A//imageedited.com&dtd=359
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 13 Sep 2021 18:37:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 13 Sep 2021 18:37:21 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/9779681584961496582/ Frame 5A8F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9779681584961496582/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1228592405957699&output=html&h=280&slotname=3475265347&adk=2695181000&adf=3025194257&pi=t.ma~as.3475265347&w=1200&fwrn=4&fwrnh=100&lmt=1473300960&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fimageedited.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631558240161&bpp=4&bdt=283&idt=345&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4149754805599&frm=20&pv=2&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IWTB14BAIw&p=http%3A//imageedited.com&dtd=359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
sffe /
Resource Hash
414330c45c04bb08d1f98293797914340c63de5faf45aacc2c5e5c083511ce9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 11:21:21 GMT
x-content-type-options
nosniff
age
198960
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 12:44:24 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 11:21:21 GMT
truncated
/ Frame 5A8F 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/ Frame 5A8F 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1228592405957699&output=html&h=280&slotname=3475265347&adk=2695181000&adf=3025194257&pi=t.ma~as.3475265347&w=1200&fwrn=4&fwrnh=100&lmt=1473300960&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fimageedited.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631558240161&bpp=4&bdt=283&idt=345&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4149754805599&frm=20&pv=2&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IWTB14BAIw&p=http%3A//imageedited.com&dtd=359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:35:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7641
x-xss-protection
0
server
cafe
etag
14368791910870210898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 18:35:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 5A8F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1228592405957699&output=html&h=280&slotname=3475265347&adk=2695181000&adf=3025194257&pi=t.ma~as.3475265347&w=1200&fwrn=4&fwrnh=100&lmt=1473300960&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fimageedited.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631558240161&bpp=4&bdt=283&idt=345&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4149754805599&frm=20&pv=2&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IWTB14BAIw&p=http%3A//imageedited.com&dtd=359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:36:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 18:36:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5A8F 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1228592405957699&output=html&h=280&slotname=3475265347&adk=2695181000&adf=3025194257&pi=t.ma~as.3475265347&w=1200&fwrn=4&fwrnh=100&lmt=1473300960&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fimageedited.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631558240161&bpp=4&bdt=283&idt=345&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4149754805599&frm=20&pv=2&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IWTB14BAIw&p=http%3A//imageedited.com&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
sffe /
Resource Hash
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:37:21 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273423644667"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38649
x-xss-protection
0
expires
Mon, 13 Sep 2021 18:37:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 5A8F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1228592405957699&output=html&h=280&slotname=3475265347&adk=2695181000&adf=3025194257&pi=t.ma~as.3475265347&w=1200&fwrn=4&fwrnh=100&lmt=1473300960&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fimageedited.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631558240161&bpp=4&bdt=283&idt=345&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4149754805599&frm=20&pv=2&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IWTB14BAIw&p=http%3A//imageedited.com&dtd=359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 18:20:50 GMT
8b8c639f95e935c054a6465040a495ee.js
www.gstatic.com/mysidia/ Frame 5A8F 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1228592405957699&output=html&h=280&slotname=3475265347&adk=2695181000&adf=3025194257&pi=t.ma~as.3475265347&w=1200&fwrn=4&fwrnh=100&lmt=1473300960&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fimageedited.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631558240161&bpp=4&bdt=283&idt=345&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4149754805599&frm=20&pv=2&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IWTB14BAIw&p=http%3A//imageedited.com&dtd=359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f3.1e100.net
Software
sffe /
Resource Hash
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 21:08:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10883
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 20:25:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 11 Dec 2021 21:08:10 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1228592405957699&plah=imageedited.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
2a60861cee01f0d828b47898f2a79daa72e635d720e34b655657df2b98eaaa6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53104
x-xss-protection
0
server
cafe
etag
6845393147303227141
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Sep 2021 18:37:21 GMT
truncated
/ Frame 5A8F 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ef185d10fb0ba0c6d85e8da7c3bbc0347c227ec6fb0ec147af2a479075661e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 5A8F 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f3.1e100.net
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 14:29:32 GMT
x-content-type-options
nosniff
age
14869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 14:29:32 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 5A8F 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f3.1e100.net
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 03:17:27 GMT
x-content-type-options
nosniff
age
141594
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 03:17:27 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=imageedited.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1228592405957699&plah=imageedited.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 18:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=imageedited.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1228592405957699&plah=imageedited.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f162.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 18:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/ Frame 1E9A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1228592405957699&plah=imageedited.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://imageedited.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmFpNFz-_N_tJLpz8jB9XI2px5Mgglv9SwekCinbwDOE-TpgVjAjewEGS6KeLU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 13 Sep 2021 18:20:18 GMT
expires
Mon, 27 Sep 2021 18:20:18 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
1023
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/ Frame 2FE3 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1228592405957699&plah=imageedited.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://imageedited.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmFpNFz-_N_tJLpz8jB9XI2px5Mgglv9SwekCinbwDOE-TpgVjAjewEGS6KeLU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 13 Sep 2021 18:20:18 GMT
expires
Mon, 27 Sep 2021 18:20:18 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
1023
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame 1E9A 		4 KB
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f10.1e100.net
Software
ESF /
Resource Hash
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 17:28:06 GMT
server
ESF
date
Mon, 13 Sep 2021 18:37:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Sep 2021 18:37:21 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1E9A 		205 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 15:34:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
10966
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
expires
Tue, 13 Sep 2022 15:34:35 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1E9A 		604 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:54:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
178989
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
expires
Sun, 11 Sep 2022 16:54:12 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/elements/html/ Frame 1E9A 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
4a813e1cf51a9ae7ee86be634312b025bc9f6b1a825308c717dcc9b43c0ce25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7693
x-xss-protection
0
server
cafe
etag
15492606927302909567
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 18:20:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2FE3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C8xiOYJo_YYehI-_ZywW7r4uQCvLL9NNgnLC45Z0LptOU2Y0OEAEg0_STDmCV4pCCoAegAcP3gPYCyAECqQKhUZvzZ8yzPqgDAcgDyQSqBMIBT9CkWUa57Yv1W_tx1wrBEl1yxpAz3uqIgDE0YIhZs6gGSsXXE2DdAdPhM-6TpihP6zs1vzDy-2yoWDbwchiJxRJZYa9SJIDvGnCWUG2pjsvpCPvAJJfIEUaCfwDdJEdrQrivAhwTCToe0CRB7z50VKK5JhBLdrn0QEwE8lZZD8iDcdRDimSId52GS_lLUpbliKgWOu0IXJA6K0VjbqP_O1HFnlNPrBQpy2ogRNF4AmfUYpgx1horPlbKJeFPrSYJSjzABKO0-KCJAqAGAoAHpYj_iQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcEEOm-LtIICQiA4YAQEAEYH4AKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi0xMjI4NTkyNDA1OTU3Njk5GAA&sigh=MpLlo4x_KYY
Requested by
Host: imageedited.com
URL: http://imageedited.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 13 Sep 2021 18:37:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/ Frame 2FE3 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:35:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7641
x-xss-protection
0
server
cafe
etag
14368791910870210898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 18:35:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 2FE3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:36:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 18:36:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2FE3 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
sffe /
Resource Hash
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:37:21 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273423644667"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38649
x-xss-protection
0
expires
Mon, 13 Sep 2021 18:37:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 2FE3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 18:20:50 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 2FE3 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 14:36:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10845
x-xss-protection
0
server
cafe
etag
14737611871312058204
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 14:36:06 GMT
2113120199775992285
tpc.googlesyndication.com/daca_images/simgad/ Frame 2FE3 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/2113120199775992285
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
sffe /
Resource Hash
48e1154e1b011e216eefd701da2b33e71a12d931eea7c90487be395eb4b267f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 23:19:33 GMT
x-content-type-options
nosniff
age
69468
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15848
x-xss-protection
0
last-modified
Sat, 13 Feb 2021 19:41:54 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 23:19:33 GMT
SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
pagead2.googlesyndication.com/bg/ Frame D997 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1228592405957699&output=html&h=280&slotname=3475265347&adk=2695181000&adf=3025194257&pi=t.ma~as.3475265347&w=1200&fwrn=4&fwrnh=100&lmt=1473300960&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fimageedited.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631558240161&bpp=4&bdt=283&idt=345&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=4149754805599&frm=20&pv=2&ga_vid=1594447948.1631558240&ga_sid=1631558241&ga_hid=468558814&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C44750532%2C31062297&oid=3&pvsid=3238645673801806&pem=830&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IWTB14BAIw&p=http%3A//imageedited.com&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
sffe /
Resource Hash
491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 19:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
515753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 19:21:28 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D6E7 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmFpNFz-_N_tJLpz8jB9XI2px5Mgglv9SwekCinbwDOE-TpgVjAjewEGS6KeLU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 13 Sep 2021 17:58:26 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2335
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
redir.html
p4-awxvx37axrutk-6f7aonzastefvyrs-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame A1D1 		247 B
986 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-awxvx37axrutk-6f7aonzastefvyrs-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.211.3 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s13-in-f3.1e100.net
Software
sffe /
Resource Hash
ce55ef61f94f05469741557581d901c61fa1ac138b4e486d1edb46872b63901c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-awxvx37axrutk-6f7aonzastefvyrs-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/redir.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-EpX5k6UI4KHD2qAzFh6WJw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
206
date
Mon, 13 Sep 2021 18:37:22 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 2FE3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8852103e46c3c2dfa16832a58fdb18134698b74d85cc93edb069d2e836ea90a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame BFD4 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 17:52:00 GMT
server
ESF
date
Mon, 13 Sep 2021 18:37:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Sep 2021 18:37:21 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame BFD4 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:35:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 18:35:11 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/ Frame BFD4 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:35:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7641
x-xss-protection
0
server
cafe
etag
14368791910870210898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 18:35:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame BFD4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:36:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 18:36:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BFD4 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
sffe /
Resource Hash
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:37:21 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273423644667"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38649
x-xss-protection
0
expires
Mon, 13 Sep 2021 18:37:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame BFD4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 18:20:50 GMT
8b8c639f95e935c054a6465040a495ee.js
www.gstatic.com/mysidia/ Frame BFD4 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f3.1e100.net
Software
sffe /
Resource Hash
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 21:08:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10883
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 20:25:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 11 Dec 2021 21:08:10 GMT
redir.html
p4-gbevyod7mzdkq-ob2vmhfpcqbkfoia-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame E4BF 		247 B
806 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-gbevyod7mzdkq-ob2vmhfpcqbkfoia-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.227 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s19-in-f3.1e100.net
Software
sffe /
Resource Hash
3c29311dbdbe17d2c4cff8dbd91095b36dfc614f15f9e25824aa8a5ea54b70e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-gbevyod7mzdkq-ob2vmhfpcqbkfoia-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/redir.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-3MAqPGryiqUUCvDFCL6TiQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
content-length
203
date
Mon, 13 Sep 2021 18:37:22 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame D6E7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmFpNFz-_N_tJLpz8jB9XI2px5Mgglv9SwekCinbwDOE-TpgVjAjewEGS6KeLU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 13 Sep 2021 18:37:22 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 13-Sep-2021 19:37:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 13 Sep 2021 18:37:22 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 13 Sep 2021 18:37:22 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iframe.html
p4-awxvx37axrutk-6f7aonzastefvyrs-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame A1D1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-awxvx37axrutk-6f7aonzastefvyrs-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-awxvx37axrutk-6f7aonzastefvyrs-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-awxvx37axrutk-6f7aonzastefvyrs-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.211.3 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s13-in-f3.1e100.net
Software
sffe /
Resource Hash
9c902328fafc0b806170d4772d7594e8e6f57069104bfab7017ef35b6312ee1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-awxvx37axrutk-6f7aonzastefvyrs-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://p4-awxvx37axrutk-6f7aonzastefvyrs-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://p4-awxvx37axrutk-6f7aonzastefvyrs-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-491sHXa9SwZXoI752S57EQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
content-length
1863
date
Mon, 13 Sep 2021 18:37:22 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iframe.html
p4-gbevyod7mzdkq-ob2vmhfpcqbkfoia-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame E4BF 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-gbevyod7mzdkq-ob2vmhfpcqbkfoia-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-gbevyod7mzdkq-ob2vmhfpcqbkfoia-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-gbevyod7mzdkq-ob2vmhfpcqbkfoia-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.227 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s19-in-f3.1e100.net
Software
sffe /
Resource Hash
2888bcf41f8ea828434dbdd050f961d7685e07c7d3c2415ed7fbc24d7f4111bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-gbevyod7mzdkq-ob2vmhfpcqbkfoia-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://p4-gbevyod7mzdkq-ob2vmhfpcqbkfoia-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://p4-gbevyod7mzdkq-ob2vmhfpcqbkfoia-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-GzXKg0ixfnnENDc847Wa1g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
content-length
1860
date
Mon, 13 Sep 2021 18:37:22 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
pagead2.googlesyndication.com/bg/ Frame 4AA4 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
sffe /
Resource Hash
491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 19:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
515754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 19:21:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210908&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1228592405957699&plah=imageedited.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8b0a0f9f8436570f69b39af54a6d9a38d7412b7c675d594ad92c454c6ae3a3b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 18:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8464
x-xss-protection
0
SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
pagead2.googlesyndication.com/bg/ Frame 20E6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
Requested by
Host: imageedited.com
URL: http://imageedited.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
sffe /
Resource Hash
491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 19:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
515754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 19:21:28 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j93&a=468558814&t=timing&_s=2&dl=http%3A%2F%2Fimageedited.com%2F&ul=en-us&de=UTF-8&dt=Image%20Edited%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2...
  • https://www.google-analytics.com/collect?v=1&_v=j93&a=468558814&t=timing&_s=2&dl=http%3A%2F%2Fimageedited.com%2F&ul=en-us&de=UTF-8&dt=Image%20Edited%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=...
35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=468558814&t=timing&_s=2&dl=http%3A%2F%2Fimageedited.com%2F&ul=en-us&de=UTF-8&dt=Image%20Edited%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2947&pdt=1&dns=105&rrt=0&srt=174&tcp=172&dit=838&clt=838&_gst=838&_gbt=1066&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1594447948.1631558240&tid=UA-21217768-2&_gid=731968509.1631558240&z=1083388829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 19:08:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
84547
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j93&a=468558814&t=timing&_s=2&dl=http%3A%2F%2Fimageedited.com%2F&ul=en-us&de=UTF-8&dt=Image%20Edited%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2947&pdt=1&dns=105&rrt=0&srt=174&tcp=172&dit=838&clt=838&_gst=838&_gbt=1066&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1594447948.1631558240&tid=UA-21217768-2&_gid=731968509.1631558240&z=1083388829
Non-Authoritative-Reason
HSTS
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1228592405957699&plah=imageedited.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 13 Sep 2021 18:37:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame AA99 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.21.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra07s64-in-f161.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://imageedited.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sat, 11 Sep 2021 09:03:37 GMT
expires
Sun, 11 Sep 2022 09:03:37 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
207225
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4A6B 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.228 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s19-in-f4.1e100.net
Software
GSE /
Resource Hash
9b0596df82e333908a021791ec9a53333bd0f369193a6538e98700e4aacfecc3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eIofZXk5bC/3sVlA4AWC/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://imageedited.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/

Response headers

expires
Mon, 13 Sep 2021 18:37:22 GMT
date
Mon, 13 Sep 2021 18:37:22 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-eIofZXk5bC/3sVlA4AWC/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
pagead2.googlesyndication.com/bg/ Frame AA99 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
sffe /
Resource Hash
491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 19:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
515754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 19:21:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4A6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210908&jk=3238645673801806&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 5A8F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgq6Sq40qEePaSzq7sqBWBrgtvUGnE9kOvz58Bh7Pe-esuVpgTNPyqhDBCAgkFaw8BBwBuvxch7JEcvpb0jikhIiw34d1L1rpCjHhKfRnILxM0j8L0lTWVVtGrZg&sai=AMfl-YSff2iIM-8h4CF3AvYbRsXTBJjAzVYMw813lZ93hQS9Gw4EcKnSRIRGxQkK0tgUMc9Mo_9AC2sFDWsb&sig=Cg0ArKJSzDCrmOl5qCngEAE&id=lidar2&mcvt=1001&p=422,0,702,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210910&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2695181000&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&eosm=0&rst=1631558240522&rpt=1251&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 18:37:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210908&jk=3238645673801806&bg=!1tWl1ZHNAAYT0U73E9E7ACkAdvg8Wpo5q0GjVgMrXxA2I_mZOh_b6MAPib3CcWhS_PLTD0a_V1xNNQIAAABqUgAAAAtoAQcKAAabNMSieVyZAoU2WytM6KTolVND78tXIyp_GsuvVkW5H2EgwNVtggRGEyAPCsp22Lga5s-7QzMKtAKKFMkQwGgdLPMvvm2H6VwIaFO-Znl8rYPsb5qmM0039QMoEBRoq5qVN9a60kldFSk5SLtoVPC7VaqzR8vfWRMFuVg2zi-ynhCbd-5JdJQg7907HCaTIoLn53rKUTqJxfU6_1TZ3_STA_tV6SYxTa6P_qYIlklsuPPweT1bnZ8HqL1bsuAAk8NOQnSW7pc6TWho_cDOhDNPfrFKo5RHTfGjzA96-68a5VBznktK1VGrGw6GKxpcIZb_cpeU6gf-3cXyhsLZK-QhZ9f6ZQ0ZYJtppJU2oP3FUU_o2Qu5ekZCvUYe3LHqq_qj4A-vq7KPEBHJ-r2thpk99ELWy8mfWTfwj6OA28UU6g3pchvQPQadau-TBwY45wXLoK_BrrUusUdV_wrEgeo-IeJEYWLHVfDuG-fWPA4xAcWqSQJxKHDEkP-bYr2spFAnzu2mSXxilMdJvvS7T0R_OmQZYhg7R2CREeoEb57aeh0ePutma5VD8N3mIbjywxiuudUIca-brkKHcebWKKDb6CTJalz8pXu2YyTZ1G5KNNVBWgVMndmXFb8rswvDGafRXuisTb4Z-MWYz-l1_oSB5suhc_OEL3AII5DpmPcM_M4OBN2MVmCTA_r3ZOUsaw3QN1Q5uXQUeXIi_8P9hAAR52kexPhFm7QYIDWBdRkbrwS-gHagmEFrnwSlCARUNbq9n7odieGI843vZoJVi3WtU59aFnQSUCA2U7k02ILUgP335UTrWmkmMBwuWpbVx-NfxhE9s8_c3UsyBweiaYI7uKDReWY1pVU6-H_gM6Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imageedited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 18:37:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2FE3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CLq2mYJo_YYehI-_ZywW7r4uQCvLL9NNgnLC45Z0LptOU2Y0OEAEg0_STDmCV4pCCoAegAcP3gPYCyAECqQKhUZvzZ8yzPqgDAaoEwgFP0KRZRrnti_Vb-3HXCsESXXLGkDPe6oiAMTRgiFmzqAZKxdcTYN0B0-Ez7pOmKE_rOzW_MPL7bKhYNvByGInFEllhr1IkgO8acJZQbamOy-kI-8Akl8gRRoJ_AN0kR2tCuK8CHBMJOh7QJEHvPnRUorkmEEt2ufRATATyVlkPyINx1EOKZIh3nYZL-UtSluWIqBY67QhckDorRWNuo_87UcWeU0-sFCnLaiBE0XgCZ9RimDHWGis-Vsol4U-tJglKPMAEo7T4oIkCoAYCgAeliP-JAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwHyBwQQ6b4u0ggJCIDhgBAQARgfgAoByAsB2BMD0BUBgBcBshccChoIABIUcHViLTEyMjg1OTI0MDU5NTc2OTkYAA&sigh=w5NDyIvIs7k&vt=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 13 Sep 2021 18:37:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2FE3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_0WVjLE2MNK_5JedmwUpcN6zYrIDh2k4kibnAj3x75dpihgSYIKH1hrzdf6iLpAOaJndWTL2-npHcCpkoq05H0ug8Lia-FZY7s0T0YizhhQAmxTadtocxiJ4hGw&sai=AMfl-YQBMNSsf-x-5qP98JKjmeJhZ-ckxIKJW3sS2EPFz9XDRJ9JFoQ2FC0AITGvOWuBqWRfMxcZ5megYMxs&sig=Cg0ArKJSzBe_uJMpcfRNEAE&id=lidar2&mcvt=1001&p=1106,298,1230,1303&mtos=99,782,1001,1124,1124&tos=99,683,219,123,0&v=20210910&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1631558241560&rpt=263&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 18:37:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect boolean| originAgentCluster object| adsbygoogle function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| getAmazonLink function| showExif string| GoogleAnalyticsObject function| ga object| google_persistent_state_async object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.imageedited.com/ Name: _ga
Value: GA1.2.1594447948.1631558240
.imageedited.com/ Name: _gid
Value: GA1.2.731968509.1631558240
.imageedited.com/ Name: _gat
Value: 1
.imageedited.com/ Name: __gads
Value: ID=37578012ae00ff03-2219d12921c9005c:T=1631558240:RT=1631558240:S=ALNI_MYvinnIsaFwWH6NGLZ2A6ZwH5a_Yg
.doubleclick.net/ Name: IDE
Value: AHWqTUmFpNFz-_N_tJLpz8jB9XI2px5Mgglv9SwekCinbwDOE-TpgVjAjewEGS6KeLU
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageedited.com
p4-awxvx37axrutk-6f7aonzastefvyrs-if-v6exp3-v4.metric.gstatic.com
p4-gbevyod7mzdkq-ob2vmhfpcqbkfoia-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.74.106
142.250.74.130
142.250.74.138
142.250.74.34
142.250.74.46
142.250.74.98
172.217.21.161
172.217.21.162
216.58.207.195
216.58.207.227
216.58.207.228
216.58.211.3
69.163.178.75
04150c9eb6d733deb91a43dd9d630d4f6780580534d2aa0e6bea46eddd6fb44b
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
2888bcf41f8ea828434dbdd050f961d7685e07c7d3c2415ed7fbc24d7f4111bd
2a60861cee01f0d828b47898f2a79daa72e635d720e34b655657df2b98eaaa6a
2a6ace797c9cd5d9dd1fcddf24796fb0835860d7b8719b3a469bf62c512ea48c
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc
3439f40df7ad4714cdd5695d237ce23f6d17b56cf1600a7c8fe4c6616b5353e3
3c29311dbdbe17d2c4cff8dbd91095b36dfc614f15f9e25824aa8a5ea54b70e6
414330c45c04bb08d1f98293797914340c63de5faf45aacc2c5e5c083511ce9b
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
48e1154e1b011e216eefd701da2b33e71a12d931eea7c90487be395eb4b267f7
491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68
4a813e1cf51a9ae7ee86be634312b025bc9f6b1a825308c717dcc9b43c0ce25a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ef185d10fb0ba0c6d85e8da7c3bbc0347c227ec6fb0ec147af2a479075661e2
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
6903797b064234a3d368ec054819dfbc164b949fc0afbbb5eeb429ab0a2cd576
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8852103e46c3c2dfa16832a58fdb18134698b74d85cc93edb069d2e836ea90a2
89e5697431812d10474d6b0852f6a5f333d6a8e799aa91b4e2744e58a1df1681
8b0a0f9f8436570f69b39af54a6d9a38d7412b7c675d594ad92c454c6ae3a3b7
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31
9b0596df82e333908a021791ec9a53333bd0f369193a6538e98700e4aacfecc3
9c902328fafc0b806170d4772d7594e8e6f57069104bfab7017ef35b6312ee1e
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a3ccfe729f4eb8f11c2f6642c7d241bc017fa6c21d5a9331091e0754dd08dad6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b706a00b3669faec239643bdf3c140fdb2a9e2fc47721a1cc460b6d612f66785
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
cdfc0999e63673ade0321ad3ceebf4baa88cc9064482841d204aa8f4e78dc554
ce55ef61f94f05469741557581d901c61fa1ac138b4e486d1edb46872b63901c
cff9ed64c7000eb676119474813c680238228d7a0e77c6ebc1a18ba80853b394
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e0e47cab4ea3ad9745d79387f3a98e9435a84fc00eeade5047cf1aae9d75cff9
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62