imgsed.com Open in urlscan Pro
2606:4700:20::ac43:4970 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://imgsed.com/
Effective URL:
https://imgsed.com/
Submission: On July 30 via manual (July 30th 2023, 4:00:13 am UTC) from US — Scanned from DE

Summary HTTP 86 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 23 domains to perform 86 HTTP transactions. The main IP is 2606:4700:20::ac43:4970, located in United States and belongs to CLOUDFLARENET, US. The main domain is imgsed.com. The Cisco Umbrella rank of the primary domain is 366770.
TLS certificate: Issued by GTS CA 1P5 on June 6th 2023. Valid for: 3 months.

This is the only time imgsed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	2606:4700:20:... 2606:4700:20::ac43:4970	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:2a00:a:e047:753:be1	() ()
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	52.49.50.175 52.49.50.175	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 5	2a02:26f0:480... 2a02:26f0:480:22::1726:62d3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.32.184.180 23.32.184.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
4	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
86	30

5 2606:4700:20::ac43:4970 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

imgsed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1.imgsed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:2a00:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.50.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-50-175.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsdkprod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:22::1726:62d3 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	demand.supply live.demand.supply — Cisco Umbrella Rank: 44881	38 KB
16	googlesyndication.com 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	63 KB
12	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	208 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 427	110 KB
5	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1578 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6374	30 KB
5	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 53	5 KB
5	imgsed.com 1 redirects imgsed.com — Cisco Umbrella Rank: 366770 s1.imgsed.com — Cisco Umbrella Rank: 682874	13 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 417 mug.criteo.com — Cisco Umbrella Rank: 2490	7 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1627	315 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 837 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1034 bcp.crwdcntrl.net — Cisco Umbrella Rank: 869	12 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1914	304 B
1	gstatic.com fonts.gstatic.com	34 KB
1	azureedge.net adsdkprod.azureedge.net — Cisco Umbrella Rank: 9116	25 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	2 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 6463	7 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213 Failed	57 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1658	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 372	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 599	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1633	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	87 KB
86	23

	Domain	Requested by
17	live.demand.supply	imgsed.com live.demand.supply client
11	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net imgsed.com 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com tpc.googlesyndication.com imgsed.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.bing.com	2 redirects 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
4	ams3-ib.adnxs.com	99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com cdn.adnxs.com
3	www.google.com	1 redirects tpc.googlesyndication.com imgsed.com
3	s1.imgsed.com	imgsed.com s1.imgsed.com
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	imgsed.com	1 redirects
1	googleads.g.doubleclick.net	imgsed.com
1	fonts.gstatic.com	fonts.googleapis.com
1	adsdkprod.azureedge.net	adsdk.microsoft.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	cdn.adnxs.com	99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
1	adsdk.microsoft.com	99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
1	mug.criteo.com
1	www.googletagservices.com	securepubads.g.doubleclick.net 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	imgsed.com
86	31

This site contains links to these domains. Also see Links.

Domain
sulvo.com

Subject Issuer	Validity	Valid
imgsed.com GTS CA 1P5	`2023-06-06` - `2023-09-04`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 05	`2023-07-16` - `2024-06-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://imgsed.com/
Frame ID: 83807B74DFD221757014F821781CEFCB
Requests: 47 HTTP requests in this frame

Frame: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FE211AC283A96BAF103FEE161D9AA334
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=imgsed.com
Frame ID: 6252464E794A7F0167316E7A02A3E6B9
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiuCh0XUrbM-wSS9dcAyD42S3L77jwVp0u-SmjhhB0pB2JUTgAx0Bc3BL4r0ZnKCRmJeFUWdsoSFQp9WHhhFVK_pKVonnOtgJmh732K7pPxYMjAjDWElvMNW1p9n8jm2r8LxJX1BcY1Vnsb6cALy0y4SAvHRVl6mdqE71N0wiqw3TQTh98c8bU6p34UjTI8459IRzinMtdDBoW4wR9hR4gMjhnNcuXED7bjxhvHDNpXFtHWkM17q3xX62BlzEN_RIgBKzNKUd-k9ybxiwgyubn7BnydfgW0RR-WTH2OKhiFh0vicT5sRGEPknK8XKT-xFX84KFLL95Z2Ud_kpWo_3yEC9_1AcmsE-TvL2guDMso3GuiNXFDYaH7CXINZ1waxssPyyiEalA&sai=AMfl-YQplNn0HUcPBSOYpAJEytJYIUmKuwQgjEUV4u4tOPHAQtkxs04PtWKk79PiWU-WVAVc42ghWtlby3gbHFXasffkQzvMgTuoQgdAzjqOnjyadl3t6izBxNLtlUIGptf4QfCru5Bz5q_ykIAPRe8&sig=Cg0ArKJSzLGfVWbXIvD8EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F477487C6DCA3FDD7E941DCCCC08FE32
Requests: 2 HTTP requests in this frame

Frame: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 82220BA9B07A0911EFAEB565E051579F
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 06A2EF9BAD6B9EAB2119355764A1B6C6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 53095890264F5D997291F95DFC6896D2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: 557BE1FDD2DE11DAA23D6AA16D5E9D18
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

download instagram stories highlights, photos and videos online - imgsed.com

Page URL History Show full URLs

http://imgsed.com/ HTTP 301
https://imgsed.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

86
Requests

93 %
HTTPS

72 %
IPv6

23
Domains

31
Subdomains

30
IPs

4
Countries

739 kB
Transfer

2137 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://sulvo.com/?utm_source=https://imgsed.com/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://imgsed.com/ HTTP 301
https://imgsed.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://gum.criteo.com/sid/json?origin=publishertagids&domain=imgsed.com&sn=ChromeSyncframe&so=0&topUrl=imgsed.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=wIOmlnx4b0ZjQmpUeEdCL3ZzV0pGSHR6L0kvUitTNkkxUWwrOHYyVm83RTd5QnV0ZG5kZnowNThNblBGWnkxRU5CL2QxRVA1dnBFcmREdncvU2JNdldHa1FUY3RGTEd1Y3lMZHJaNzVic3B2NFJTc3IveUI0Q3laTFMra0sxYlg2c003TEJDUnBIcnloNnhzU1VEbFlQaWFZOEg4UW9Uanl0bFVnYUZCVmZ2ZDJlZmZLSis3SVBzOHlXUkQ0U1M0a3FNTDF1SEowZG9UVVEvZGtka0lmSGhKdHZJY2tiVzFkNjIxeXcvUU4wTlJsSkhKdnJtNmZ0MzJuRGFEZFUyZFQrWDNCVkVNQ1VWRXErcnA1T0MxeWhJWDZ4UT09fA&cppv=2

Request Chain 47

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=e53985aa-baba-4ab2-8159-277378e689f6&cmExpId=V7&oAdUnit=391466&publisherId=162645330&rId=7dbf4c0d-f20a-4064-a36f-12f70c81d9f8&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D10b2e6568392478c8a9e454565c99526%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=4078527121706947808 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=10b2e6568392478c8a9e454565c99526&SNR=1&GV=2&med=10

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 85

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=e53985aa-baba-4ab2-8159-277378e689f6&cmExpId=V7&oAdUnit=391466&publisherId=162645330&rId=7dbf4c0d-f20a-4064-a36f-12f70c81d9f8&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D10b2e6568392478c8a9e454565c99526%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=4078527121706947808 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=10b2e6568392478c8a9e454565c99526&tids=15000&med=10

86 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
imgsed.com/
Redirect Chain

http://imgsed.com/
https://imgsed.com/

2 KB
1 KB

141ms
47ms

Document
text/html

2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34398d4775c6decebdeee7b25496dbd028b3f7be04a649163dfe96e349270e10

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6966
cache-control: public, max-age=10800, immutable
cf-cache-status: HIT
cf-ray: 7eeab16069763606-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 30 Jul 2023 04:00:07 GMT
last-modified: Sun, 30 Jul 2023 01:32:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yqt%2Bf53wyhbyFZGpKcySe4eKvv9%2F81uzPvk8HUPFHfo69fp6maFJQUfOACSgyzNSe5AqGt77dJohuc9S2ien8Ogs0ZQPqpWXomj7DAlu4o5%2BHo6vXxOttH0IbT5Bq%2FoLpNM%2FVh2rTU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache-status: MISS

Redirect headers

CF-RAY: 7eeab15f7c439261-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 30 Jul 2023 04:00:07 GMT
Expires: Sun, 30 Jul 2023 05:00:07 GMT
Location: https://imgsed.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KU8FDk06IzdLPs8%2B6TCstwt8WXjV2JFwpmuc1H4aYP09dZh%2Fq21GZml03%2FmikO7xn7KkD%2Fs4kBx1yeh3C4AurXR%2BHnmCkC8SWGSYFE8c622DqKW8maZ%2B14zROGU5gsblT5lCc3ddfuI%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 205ms
107ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b20b197ffd2024ca0cac5152563616350e6deae10373202f7573abadd02aee8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H66Z7EQVDXTS4QWZN2ZFHWJW
date: Sun, 30 Jul 2023 04:00:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 257
cf-polished: origSize=4392
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"d296967a310907ae6f4b43e3f049014b-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7eeab1616d9a3618-FRA
link: <https://live.demand.supply/impl.v17.6.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-10-0/aW1nc2VkLmNvbS8=>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 art.css
s1.imgsed.com/css/ 36 KB
7 KB 69ms
50ms Stylesheet
text/css 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.imgsed.com/css/art.css?v58
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c4fe55f050619e96dc1ea93f5a29f6fd50fb47948cb2072bbbebeb0605c059f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 Jul 2023 03:40:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 279356
etag: W/"64ab7d90-8f47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCLjoj%2F6d9I%2F1iaj0l5DgjcjI24pHVgmdK6IlI4z0xQuXPSv74DWXEC%2Ff5u4eUFbtqmzMQqaHiWktzc7uaeyD96hw1h1dOCzAEX9WuP1YyP8eMnNOxr02C0HUmvaD1RVuaZOG2Q2U%2Bk7jI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7eeab160ea033606-FRA
expires: Fri, 25 Aug 2023 22:23:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 136ms
48ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b488757d3c15f8450c0c6645d5a0bd90cfeb14c8403fac0573d002b7069aa0ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88877
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Jul 2023 04:00:07 GMT

GET
H2 200 art.js Show response
s1.imgsed.com/js/ 7 KB
3 KB 70ms
51ms Script
application/javascript 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.imgsed.com/js/art.js?v58
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bdf1f48701fc211a6c4150d349274d425e63f93865e7255d6fd1df1316b8f8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 Jul 2023 03:40:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 279356
etag: W/"64ab7d90-1d6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ehs9D7i4jFulprHgxByEqsjQB21FZ7A9vH3HAqXhbwtUcN3geZDm9OtWUQKwy5kRsQLtKkW9XG057rz5vTTWelI8xP3g%2BxhNRk8KlKENiKSwuoZ371wjykvk91qcKyUKA4vB5GW3CfK8%2FkU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7eeab160ea043606-FRA
expires: Fri, 25 Aug 2023 22:23:31 GMT

GET
H2 200 search1.png
s1.imgsed.com/img/ 332 B
771 B 48ms
48ms Image
image/webp 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.imgsed.com/img/search1.png
Requested by: Host: s1.imgsed.com
URL: https://s1.imgsed.com/css/art.css?v58
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22c15261262c5e2f2a66b8f7569c0dd504f21a19e0c7c98a5144c2278c72c666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/css/art.css?v58
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 279294
cf-polished: origFmt=png, origSize=828
content-disposition: inline; filename="search1.webp"
content-length: 332
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Dec 2022 12:10:31 GMT
server: cloudflare
etag: "63ac3237-33c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5xfeMbQWY6V6uCVAR6hZ2U1PRuHRGDJzVWEs4VC%2F0kWSItSjVCGpcEZa1Grgl06TbjaOST6ReDA1XDwGilH9TjSPedB0kuWJH7eD4zTtozVc45Pp0rlk2FEn0sDRKfw5iM8wGpTVR1Xf7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7eeab1615a803606-FRA
expires: Fri, 25 Aug 2023 22:23:32 GMT

GET
H2 200 impl.v17.6.0.js Show response
live.demand.supply/ 81 KB
26 KB 54ms
53ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.6.0.js
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acc13cf22cb2021f0caff5ffa87bf8e5ebf57f2f3958c276708cbd4d09a0cb10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H66Z7C1NWH0MBYRPV4SPDZHD
date: Sun, 30 Jul 2023 04:00:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 385903
cf-polished: origSize=82893
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"ff8dca79b04c9235878a5645aa326146-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7eeab1621e1d3618-FRA

GET
H2 200 aW1nc2VkLmNvbS8= Show response
live.demand.supply/p4/v16-10-0/ 2 KB
880 B 209ms
208ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-10-0/aW1nc2VkLmNvbS8=
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84dec7d16e8c591ab744d992a5ba4bc0f7bce642d1bab9585a61fc0e0694df15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7eeab1621e1e3618-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 196ms
142ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=206&cs=c&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H4PV96HZQ385EVDADA07GM2Q
date: Sun, 30 Jul 2023 04:00:08 GMT
cf-cache-status: HIT
age: 1865554
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7eeab1627a67bb91-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 158ms
62ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c6a3c27e0bc6143013f07f1f616010ff3e4f795bc7c956071d2edd3098ff534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27871
x-xss-protection: 0
server: cafe
etag: 169 / 19568 / m202307250102 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 04:00:08 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
621 B 106ms
54ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H4PV9KP7JHKMSX18R4J1Y6Y7
date: Sun, 30 Jul 2023 04:00:08 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1865335
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7eeab1627a66bb91-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 imgsed.com_fluid_sq_index Show response
live.demand.supply/cp/ 30 B
374 B 272ms
272ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/imgsed.com_fluid_sq_index?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e06f89213bedf053e75e962ddff82d8b2646760f3cf1a4820e8fed79bb2be9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7eeab162aa94bb91-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 134ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GC2VPDBYKB&gtm=45je37q0&_p=2085078736&cid=95493903.1690689608&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690689608&sct=1&seg=0&dl=https%3A%2F%2Fimgsed.com%2F&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20imgsed.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 04:00:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ 386 KB
123 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21170
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Jul 2024 22:07:18 GMT

GET
H3 200 imgsed.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 29 B
372 B 319ms
318ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/imgsed.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 267148e24a0843bfe8622a799cc14167fd53415a97edfd3369f85b5370b3a82b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7eeab1636b35bb91-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 151ms
40ms Script
text/javascript 2600:9000:2250:2a00:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2a00:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: null
Date: Sun, 30 Jul 2023 01:26:26 GMT
Via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 9223
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: 8_8ODoeHwn6Z-SOMTLe4YA-7E3BHA903begGLLck79PR8pE2GE8D4A==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 196ms
96ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:00:08 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 143ms
43ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 02:34:21 GMT
content-encoding: gzip
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 5148
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: oiriP3kSaokBN-Wrqcd4iu7V30e1dmQ1inSq7Da8Df30VvxWhNoNng==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 151ms
50ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: M09PMNP1D3AXGAF2
age: 2744
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7eeab164ee706946-FRA
x-amz-id-2: 4+GCTn0e+urhSC1mnrZ5nFji83FLGV6QpKHfChg2O6uyl0MiSdHixRESP8fm/nBBJbHlCeCJIWY=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 131ms
47ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 35128
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9v72xzvEYQqYPgl5n9pIhs%2BPyqyYsM5F%2FRIJfpNJ3IABfCRbNBk4KuWawOyAEbUzUykHx2j9QT7M%2FQAHuu5kLEtfxB%2BhtGbTmlujTMhXdpmDCu2HyU43KSO9SlhvWSq%2BZJ%2F5hHyr79KmYB1xyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7eeab164d881361f-FRA

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 162ms
56ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:08 GMT
via: 1.1 google, 1.1 google
last-modified: Wed, 05 Jul 2023 19:08:57 GMT
server: Google Frontend
etag: 6c49a4094d9a446bdc7fe3d19d23b4c7
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: a36cb25009fedbe3ba87321410e57f6f
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
720 B 280ms
278ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3637392451315538&correlator=2639428703269150&eid=31075149&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C5b1fcc9a-8fd7-4f9e-af23-7e840d87b75d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=3557535414&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D63718655-26cb-4d7b-b166-9d2e78639a28%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D7%26bid-p%3Dgoogle%26bsc%3D81&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1690689608357&lmt=1690680745&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=95493903.1690689608&ga_sid=1690689608&ga_hid=2085078736&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYnbXQp5oxSABSAghkEhsKDGlkNS1zeW5jLmNvbRidtdCnmjFIAFICCGQSGQoKcHViY2lkLm9yZxidtdCnmjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YnbXQp5oxSABSAghkEhcKCHJ0YmhvdXNlGJ210KeaMUgAUgIIZBIZCgp1aWRhcGkuY29tGJ210KeaMUgAUgIIZA..&dlt=1690689607789&idt=539

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83816310b4e049b6cd631e06755884d9082d0142debc8c94b6950f5c213b4894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 689
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FE21 6 KB
3 KB 156ms
47ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 04:00:08 GMT
expires: Mon, 29 Jul 2024 04:00:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ 37 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1f6a0eb0cb65da087a09348dcd1985769d431849ceb7087c9c52fe0e06edd3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 19:58:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28872
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13152
x-xss-protection: 0
server: cafe
etag: 13758367090610680476
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Jul 2024 19:58:56 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 122ms
122ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_fluid_sq_index&pdc=0.39112038612365724&ucv=null&e=tcp&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H4PV96HZQ385EVDADA07GM2Q
date: Sun, 30 Jul 2023 04:00:08 GMT
cf-cache-status: HIT
age: 1865554
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7eeab1646c0ebb91-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 309ms
308ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3637392451315538&correlator=1813475116628616&eid=31075149&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C9e1762e5-f19c-4938-8d9d-60bcfa7404f5&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=500x280%7C480x320&ifi=2&adks=3650863032&sfv=1-0-40&prev_scp=ti%3D63718655-26cb-4d7b-b166-9d2e78639a28%26chrand%3Dy%26pof%3D0%26bid%3D0.25%26bid-p%3Dgoogle%26bsc%3D81&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1690689608398&lmt=1690680745&adxs=550&adys=298&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=500x296&msz=500x296&fws=0&ohw=0&ga_vid=95493903.1690689608&ga_sid=1690689608&ga_hid=2085078736&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYnbXQp5oxSABSAghkEhsKDGlkNS1zeW5jLmNvbRidtdCnmjFIAFICCGQSGQoKcHViY2lkLm9yZxidtdCnmjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YnbXQp5oxSABSAghkEhcKCHJ0YmhvdXNlGJ210KeaMUgAUgIIZBIZCgp1aWRhcGkuY29tGJ210KeaMUgAUgIIZA..&dlt=1690689607789&idt=539

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66dfa7015f172d51da62f201ce41552d346b4c779e7fe37ceb0636ed2aedfcbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12246
x-xss-protection: 0
google-lineitem-id: 5563951189
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
330 B 179ms
53ms XHR
application/json 52.49.50.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.50.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-50-175.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: cc23ad7aac2606d408abd2a20078a92b56f2b6b6db88e1929f88ac0025d3f241

Request headers

Referer: https://imgsed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 04:00:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://imgsed.com
cache-control: no-cache
x-server: 10.45.17.96
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
319 B 149ms
43ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://imgsed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://imgsed.com
date: Sun, 30 Jul 2023 04:00:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 171ms
54ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://imgsed.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://imgsed.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 30 Jul 2023 04:00:08 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: e93d959e7c1891299df067b83f45d1e9

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 57ms
56ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 91b8226fbd47700a4624dcfe8f5fc994f68bd078b90c54c37ff30d406bda2072

Request headers

Referer: https://imgsed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Jul 2023 04:00:08 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 2af5ea8706e87c75620d1792ba1d1415
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 76ms
76ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_728x90_sticky_display_bottom&pdc=0.2771878004074097&ucv=null&e=tcp&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H4PV96HZQ385EVDADA07GM2Q
date: Sun, 30 Jul 2023 04:00:08 GMT
cf-cache-status: HIT
age: 1865554
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7eeab1656cd8bb91-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 47ms
47ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H4B84TTR0HYCCB4BQBXB73YW
date: Sun, 30 Jul 2023 04:00:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 936221
etag: W/"c7e963c0d989e2de7e1130bf3281bc3e-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7eeab1656f3b1d8e-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
481 B 58ms
58ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=imgsed.com_auto_728x90_sticky_display_bottom&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H4PV96HS6XFV5JN2M3XP0T8Y
date: Sun, 30 Jul 2023 04:00:08 GMT
cf-cache-status: HIT
age: 1865525
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7eeab1656cdbbb91-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
17 KB 304ms
304ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3637392451315538&correlator=813041590935147&eid=31075149&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C840219cb-19cc-4356-9a61-e5772cde584b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&adks=1184291071&sfv=1-0-40&prev_scp=ti%3D63718655-26cb-4d7b-b166-9d2e78639a28%26chrand%3Dy%26pof%3D0%26bid%3D0.12%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D81&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1690689608537&lmt=1690680745&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=95493903.1690689608&ga_sid=1690689608&ga_hid=2085078736&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYnbXQp5oxSABSAghkEhkKCnB1YmNpZC5vcmcYpbbQp5oxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJ210KeaMUgAUgIIZBIXCghydGJob3VzZRidtdCnmjFIAFICCGQSGQoKdWlkYXBpLmNvbRidtdCnmjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJ210KeaMUgAUgIIZA..&dlt=1690689607789&idt=539

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a29d324eac7bfb2ff15c7c15d698b92a4c505fd9df85a5b8cfa0188dd56fa877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17876
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6252 15 KB
6 KB 150ms
46ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=imgsed.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 04:00:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 286729
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 117ms
117ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&e=nai&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H4PV96HZQ385EVDADA07GM2Q
date: Sun, 30 Jul 2023 04:00:08 GMT
cf-cache-status: HIT
age: 1865554
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7eeab1662d82bb91-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 972 B
510 B 296ms
295ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3637392451315538&correlator=1982373279835299&eid=31075149&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2Ccd5f0bdc-b9a1-47ac-a657-60582e930ab9&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&adks=1021207636&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D63718655-26cb-4d7b-b166-9d2e78639a28%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D81&eri=1&sc=1&cookie=ID%3D4296da0fb2994151%3AT%3D1690689608%3ART%3D1690689608%3AS%3DALNI_MYi-6BWIty7lkjPCUghfSBLUcfV1g&gpic=UID%3D00000c49254cf413%3AT%3D1690689608%3ART%3D1690689608%3AS%3DALNI_MZy73QIEKWYcZFUPm6D3V3n7SeZbg&abxe=1&dt=1690689608657&lmt=1690680745&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=95493903.1690689608&ga_sid=1690689608&ga_hid=2085078736&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYnbXQp5oxSABSAghkEhkKCnB1YmNpZC5vcmcYpbbQp5oxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJ210KeaMUgAUgIIZBIXCghydGJob3VzZRidtdCnmjFIAFICCGQSGQoKdWlkYXBpLmNvbRidtdCnmjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJ210KeaMUgAUgIIZA..&dlt=1690689607789&idt=539

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84fa4b85e227fa8098a44af1cab42c1d93632ce78fc417a3198d4beebeefa871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 478
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame F477 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F477 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
13 KB 346ms
346ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3637392451315538&correlator=2915933830878119&eid=31075149&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2Cc25b97ad-5898-416a-bd5e-9288e4cddf95&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=500x280%7C480x320&ifi=5&adks=4228963507&sfv=1-0-40&prev_scp=ti%3D63718655-26cb-4d7b-b166-9d2e78639a28%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D81&eri=1&sc=1&cookie=ID%3D1b65bbd52ca66281%3AT%3D1690689608%3ART%3D1690689608%3AS%3DALNI_MZhbGshuMnERufaHxxwDbUJxeKmnA&gpic=UID%3D00000c49253f23b2%3AT%3D1690689608%3ART%3D1690689608%3AS%3DALNI_MYEZhAjdpd2pdteBhNPrEH6jSFI9Q&abxe=1&dt=1690689608739&lmt=1690680745&adxs=550&adys=298&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=500x296&msz=500x296&fws=0&ohw=0&ga_vid=95493903.1690689608&ga_sid=1690689608&ga_hid=2085078736&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYnbXQp5oxSABSAghkEhkKCnB1YmNpZC5vcmcYpbbQp5oxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJ210KeaMUgAUgIIZBIXCghydGJob3VzZRidtdCnmjFIAFICCGQSGQoKdWlkYXBpLmNvbRidtdCnmjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOC30KeaMUgAUgIIag..&dlt=1690689607789&idt=539

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cdbf0a12f657548d8920d6e52fd365fa7c3db509158cfd14ead87f229b7995a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13301
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6252
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=imgsed.com&sn=ChromeSyncframe&so=0&topUrl=imgsed.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=wIOmlnx4b0ZjQmpUeEdCL3ZzV0pGSHR6L0kvUitTNkkxUWwrOHYyVm83RTd5QnV0ZG5kZnowNThNblBGWnkxRU5CL2QxRVA1dnBFcmREdncvU2JNdldHa1FUY3RGTEd1Y3lMZHJaNzVic3B2NFJTc3IveUI0Q3laTFMra0...

441 B
657 B

163ms
43ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=wIOmlnx4b0ZjQmpUeEdCL3ZzV0pGSHR6L0kvUitTNkkxUWwrOHYyVm83RTd5QnV0ZG5kZnowNThNblBGWnkxRU5CL2QxRVA1dnBFcmREdncvU2JNdldHa1FUY3RGTEd1Y3lMZHJaNzVic3B2NFJTc3IveUI0Q3laTFMra0sxYlg2c003TEJDUnBIcnloNnhzU1VEbFlQaWFZOEg4UW9Uanl0bFVnYUZCVmZ2ZDJlZmZLSis3SVBzOHlXUkQ0U1M0a3FNTDF1SEowZG9UVVEvZGtka0lmSGhKdHZJY2tiVzFkNjIxeXcvUU4wTlJsSkhKdnJtNmZ0MzJuRGFEZFUyZFQrWDNCVkVNQ1VWRXErcnA1T0MxeWhJWDZ4UT09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5cc7b3b78ae724c58989b779f0c039128902d4b179dfbe68c7cb227d2e3e7366

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 04:00:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1219507
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Jul 2023 04:00:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=wIOmlnx4b0ZjQmpUeEdCL3ZzV0pGSHR6L0kvUitTNkkxUWwrOHYyVm83RTd5QnV0ZG5kZnowNThNblBGWnkxRU5CL2QxRVA1dnBFcmREdncvU2JNdldHa1FUY3RGTEd1Y3lMZHJaNzVic3B2NFJTc3IveUI0Q3laTFMra0sxYlg2c003TEJDUnBIcnloNnhzU1VEbFlQaWFZOEg4UW9Uanl0bFVnYUZCVmZ2ZDJlZmZLSis3SVBzOHlXUkQ0U1M0a3FNTDF1SEowZG9UVVEvZGtka0lmSGhKdHZJY2tiVzFkNjIxeXcvUU4wTlJsSkhKdnJtNmZ0MzJuRGFEZFUyZFQrWDNCVkVNQ1VWRXErcnA1T0MxeWhJWDZ4UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 217639
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 143ms
56ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307250102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae79d6181b07bdc676d26d0a77fcb2c021adbd2e978312b81620454a5d47c0ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11650
x-xss-protection: 0

GET
H2 200 container.html Show response
99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8222 6 KB
3 KB 42ms
41ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 04:00:08 GMT
expires: Mon, 29 Jul 2024 04:00:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 126ms
125ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.12&b=2&r=imgsed.com_auto_728x90_sticky_display_bottom&sy=fb80acf0-9943-428a-bdb1-e93943495bee&ts=81&cd=2&pud=206&pus=c&pue=473&pid=61&pis=c&pie=534&ppd=210&pps=a&ppe=683&pcl=361&ttc=686&tti=1340&ttif=0&lca=683&lcak=ppe&lct=683&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imgsed.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=63718655-26cb-4d7b-b166-9d2e78639a28&e=lm&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H4PV96HZQ385EVDADA07GM2Q
date: Sun, 30 Jul 2023 04:00:08 GMT
cf-cache-status: HIT
age: 1865554
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7eeab1678ea2bb91-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 156ms
49ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jul 2023 04:00:09 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 8222 14 KB
7 KB 217ms
42ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
URL: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 816cd6a1daa82413ac76b054ed90281cff8784847fb1d9eed0b3f611097219aa

Request headers

Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
Origin: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 30 Jul 2023 04:00:09 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 16:30:33 GMT
vary: Accept-Encoding
x-azure-ref: 20230730T040009Z-7cd4y06rwx4xh6ad1nz02g55sw0000000nvg00000000xn6e
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6ecaca48-001e-010b-6ea7-c01075000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2

200

c.gif
www.bing.com/aes/ Frame 8222
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=e53985aa-baba-4ab2-8159-277378e689f6&cmExpId=V7&oAdUnit=391466&publisherId=162645330&rId=7dbf4c0d-f20a-4064-a36f-12f70c81d9f8&rlink...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=10b2e6568392478c8a9e454565c99526&SNR=1&GV=2&med=10

0
547 B

91ms
90ms

Image
text/plain

2a02:26f0:480:22::1726:62d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=10b2e6568392478c8a9e454565c99526&SNR=1&GV=2&med=10
Requested by: Host: 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
URL: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a02:26f0:480:22::1726:62d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 04:00:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D2002F1B49E543F2B13315044812BBC4 Ref B: BRU30EDGE0619 Ref C: 2023-07-30T04:00:09Z
x-cdn-traceid: 0.13d53e17.1690689609.3efc7bd3
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 30 Jul 2023 04:00:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CB1C341011E44305B1267697F5CC190E Ref B: MIL30EDGE1106 Ref C: 2023-07-30T04:00:09Z
x-cdn-traceid: 0.13d53e17.1690689609.3efc7aea
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=10b2e6568392478c8a9e454565c99526&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 8222 80 KB
27 KB 225ms
72ms Script
application/x-javascript 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
URL: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Sun, 30 Jul 2023 04:00:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Mon, 29 Jul 2024 04:00:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 8222 3 KB
1 KB 107ms
46ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
URL: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:29:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 8222 20 KB
9 KB 97ms
37ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
URL: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 03:48:30 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8222 24 KB
7 KB 103ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
URL: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 05:12:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 28 Jul 2024 05:12:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8222 179 KB
57 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
URL: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jul 2023 04:00:08 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 48ms
48ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&e=nai&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H4PV96HZQ385EVDADA07GM2Q
date: Sun, 30 Jul 2023 04:00:08 GMT
cf-cache-status: HIT
age: 1865554
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7eeab1682f29bb91-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 972 B
507 B 275ms
274ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3637392451315538&correlator=373232999166825&eid=31075149&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C7f252bc2-f8d7-4008-a336-7d7ecbed8d2b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&adks=2126474764&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D63718655-26cb-4d7b-b166-9d2e78639a28%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D81&eri=1&sc=1&cookie=ID%3D60bd3243eb08686d%3AT%3D1690689608%3ART%3D1690689608%3AS%3DALNI_MbtGEAa-w0jJXJQPnbRdgmoaZKPcg&gpic=UID%3D00000c4925372538%3AT%3D1690689608%3ART%3D1690689608%3AS%3DALNI_Mam0OJbNAkbj9w_v-gNTEAzAh5amQ&abxe=1&dt=1690689608973&lmt=1690680745&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=95493903.1690689608&ga_sid=1690689608&ga_hid=2085078736&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYnbXQp5oxSABSAghkEhkKCnB1YmNpZC5vcmcYpbbQp5oxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJ210KeaMUgAUgIIZBLCAQoIcnRiaG91c2USrAFuaDRTK3QxYnY2dzhyTDJwSDRhRmQzVUp4OUgybUZxU25tM3lnWUxrMVlvN0Jubkp0ZHQwSFBINGc1a0RGa0NOazNGQTdUeS9yYTRDbmIya0ljazllQTFFUHBsZThLVDNPMXVaYUNITTZJMlViYjJIaU1GS0k0NHAzeVlyeVdqcGhYK3Jjc2dhVk8rWnl4SE90Si9xQjhJMzE3djNtNWtnUHpnSmVyQXpEZjA9GLC40KeaMUgAEhkKCnVpZGFwaS5jb20YnbXQp5oxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjgt9CnmjFIAFICCGo.&dlt=1690689607789&idt=539

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7367a81424955534ef54a927e5e5005cd8d34c777ba357f72ef7b7fb7353b4f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 477
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 06A2 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 17:10:38 GMT
expires: Sun, 28 Jul 2024 17:10:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5309 783 B
1000 B 138ms
51ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be375fb7e4752eaeb895718e445d06ad531308e6c4ca6d94f4867a7b896def64

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zqroL0av4RC3Dwn7e2Bvng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-zqroL0av4RC3Dwn7e2Bvng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 04:00:09 GMT
expires: Sun, 30 Jul 2023 04:00:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307180709000/ Frame 557B 222 KB
61 KB 191ms
56ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 29 Jul 2023 07:56:13 GMT
age: 72236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62064
x-xss-protection: 0
server: sffe
etag: "7c75c6afffb97d84"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 28 Jul 2024 07:56:13 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 557B 15 KB
5 KB 279ms
145ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 27 Jul 2023 00:13:47 GMT
age: 272782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5274
x-xss-protection: 0
server: sffe
etag: "b24c5d555100d699"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 26 Jul 2024 00:13:47 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 557B 94 KB
28 KB 263ms
129ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 19:15:56 GMT
age: 117853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: sffe
etag: "908f04349b1b2df1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 27 Jul 2024 19:15:56 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 557B 5 KB
2 KB 283ms
149ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 29 Jul 2023 01:18:28 GMT
age: 96101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "5416cfef676738bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 28 Jul 2024 01:18:28 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 557B 40 KB
14 KB 176ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 07:23:35 GMT
age: 160594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13013
x-xss-protection: 0
server: sffe
etag: "4da616cd662b7cdb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 27 Jul 2024 07:23:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 557B 14 KB
2 KB 137ms
49ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Jul 2023 04:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Jul 2023 02:12:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jul 2023 04:00:09 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 557B 2 KB
3 KB 40ms
39ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 04:40:07 GMT
x-content-type-options: nosniff
server: cafe
age: 84002
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 30 Jul 2023 04:40:07 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 557B 295 B
399 B 41ms
40ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 45530
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 30 Jul 2023 15:21:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 557B 0
0 123ms
48ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqV4JSR3BZERYn3IBST-NgXeZ4kuFtyJPuPtdl5fCVYbOg37Hk4x59xo5XAqMcSZBv37RCPiMC2sy3kUkmg9MqOX2P0Q
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 134ms
134ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_fluid_sq_index&pn=2&sn=3&pc=0.39112038612365724&ds=true&e=wdp&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H4PV96HZQ385EVDADA07GM2Q
date: Sun, 30 Jul 2023 04:00:09 GMT
cf-cache-status: HIT
age: 1865555
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7eeab1690fc7bb91-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 127ms
127ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=imgsed.com_fluid_sq_index&sy=fb80acf0-9943-428a-bdb1-e93943495bee&ts=81&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imgsed.com&mlre=undefined&mlin=0&mlsi=500x280&mlbw=4g&mlcs=NaN&mltp=63718655-26cb-4d7b-b166-9d2e78639a28&e=lm&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H4PV96HZQ385EVDADA07GM2Q
date: Sun, 30 Jul 2023 04:00:09 GMT
cf-cache-status: HIT
age: 1865555
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7eeab1690fc8bb91-FRA

GET
DATA 200
OK truncated
/ Frame 557B 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03610877f83ff02485570859212a298cad8d77013ad868ef72d28fa37d867345

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 06A2 37 KB
14 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 08:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 08:04:16 GMT

GET
H2 200 044f11c98027a2ea45a6.js Show response
adsdkprod.azureedge.net/native-to-display/ Frame 8222 61 KB
25 KB 164ms
78ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdkprod.azureedge.net/native-to-display/044f11c98027a2ea45a6.js
Requested by: Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 819d2e67c083da04e6e95e9792723d2a97b722e52a6606e3179882ac9f7db02b

Request headers

Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
Origin: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 30 Jul 2023 04:00:09 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 16:30:33 GMT
vary: Accept-Encoding
x-azure-ref: 20230730T040009Z-fwagxbdrrh5f58f21cqg448f700000000ca000000001ksn2
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0915b4d0-f01e-0024-10a7-c05785000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 8222 0
531 B 150ms
45ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fimgsed.com&e=wqT_3QLYA-jYAQAAAwDWAAUBCMjAl6YGEOCpjsHu2fXMOBgAKjYJAwtKOaRk4T8RUvvj7w_f4D8ZAAAAgD0K_z8hUg0SACkRJNAxAAAAoJmZ4T8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiM8gWAAQGKAQNVU0SSAQEG8OWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCEmh0dHBzOi8vaW1nc2VkLmNvbYADAIgDAZADAJgDCaADAaoDAMADrALIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWL0pG0ldWzmGPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWbxlb6BQQIABAAkAYAmAYAuAYAwQYAAAEjLPA_0AbCjQTaBhYKEAEQLgEAdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHjPIF0gcNCREqASYM2gcGCAUJaOAHAOoHAggA8AedlQOKCAIQAJUIAACAP5gIAQ..&s=6f361844ea0fc82ba6a5d2ae6d887a40bcfb858b&bdref=https%3A%2F%2Fimgsed.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fimgsed.com%2F,https%3A%2F%2F99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
URL: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 04:00:09 GMT
an-x-request-uuid: 9fe35e22-579d-4825-9250-8e7ccaebc527
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.108; 80.255.7.108; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5309 0
0 73ms
72ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307250102&jk=3637392451315538&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 116ms
116ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&e=nai&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H4PV96HZQ385EVDADA07GM2Q
date: Sun, 30 Jul 2023 04:00:09 GMT
cf-cache-status: HIT
age: 1865555
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "5b5ae7efc98c735bc4fd5b42c94c2364-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7eeab169e88ebb91-FRA

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 557B 33 KB
34 KB 132ms
41ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imgsed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:16:50 GMT
x-content-type-options: nosniff
age: 78199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 06:16:50 GMT

GET
DATA 200
OK truncated
/ Frame 8222 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0976ad081b65aceeb1470a2947313701a8aadfdcdf0709428b8f253c33baf187

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 8222 0
580 B 45ms
45ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fimgsed.com&e=wqT_3QLaBuhaAwAAAwDWAAUBCMjAl6YGEOCpjsHu2fXMOBgAKjYJAwtKOaRk4T8RUvvj7w_f4D8ZAAAAgD0K_z8hUg0SACkRJNAxAAAAoJmZ4T8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiM8gWAAQGKAQNVU0SSAQEG8FiYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gISaHR0cHM6Ly9pbWdzZWQuY29tgAMAiAMBkAMAmAMJoAMBqgOCAwqYAmh0dAUo8JV3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9N2RiZjRjMGQtZjIwYS00MDY0LWEzNmYtMTJmNzBjODFkOWY4JmNtRXhwSWQ9Vjcmb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD03ZGKGWQC4cnR5cGU9bnVybCZ0YWdJZD02OTMyNTk0JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGfQqAWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0MDc4NTI3MTIxNzA2OTQ3ODA4IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56RTRPREE0TURrM09URXhPVFFqTWpNeU16WTRNRE00TmpVNE5USXpNdz09wAOsAsgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYvSkbSV1bOYY8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZvGVvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAACT18AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB4zyBdIHDQkuJgAM2gcGCAkvZAcA6gcCCADwB52VA4oIAhAAlQgAAIA_mAgB&s=d5c560cd639340f398d8f9fb63c5a9b8b0cbe077&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=728&bh=90&sid=7514468591894542375&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 04:00:09 GMT
an-x-request-uuid: 9750d700-b899-415b-aa0c-ddbbbb0c28b3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.108; 80.255.7.108; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 th
www.bing.com/ Frame 8222 3 KB
3 KB 47ms
47ms Image
image/jpeg 2a02:26f0:480:22::1726:62d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7284311761291_1QNAEAAQYJ38INBH5M&pid=21.2&c=16&roil=0.0039&roit=0&roir=0.9951&roib=1&w=200&h=105
Requested by: Host: 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
URL: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8b22cc87d04b92a7565c71bd0e38856320448c24c68d259652afd8e98a5465ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:09 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.13d53e17.1690689609.3efc7bb3
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 2853
alt-svc: h3=":443"; ma=93600

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 06A2 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WgTCZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:00:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 557B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

138ms
50ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Redirect headers

date: Sun, 30 Jul 2023 04:00:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 557B 0
0 86ms
86ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CW7jTSODFZPrfL6nA9u8PzJ2KmAjBzZjlcZj22--CEmQQASCVm8ohYJXykoKgB6AB7eHknwPIAQGpAuUjJmJxe7I-4AIAqAMByAMKqgTkAU_QXO_RJ3B4_S11LfvhSmab7sl0W-jMlpjiaYS1dQ_l-YwS3F_bmxCabFZpaEZzvYKYQTo3qs2bnjyXPClypCLjPFj1oBjFJuzTT5hbDRmYeTm3d2ftFgxMCCX9ZeaAWQ5Nlgh-8FKcMtKFSqF5WSWRvK7aEgcmwXYkVkPXVbNhba9FhPnD5oxlQMuey74B11LeFnlzAYsPgxiY9ehSjAh3VB0DVCBnWaKARRzVmXUWF_WlHDa04_jMyBYmr5gSIKmzct5nPRgObHh-xd2-ckYg87hd9m15FTI07bfJDcyZh2RF-MAEgqbRp7ME4AQBkgUECAQYAZIFBAgFGASAB_udm2CoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCWgQ7SCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=V03kBDtIOIM&uach_m=[]&cid=CAQSOwBpAlJWeWTTGVbvted3bjxcdrjq9YcosRQCl76n6PPzcQndRZQsM1j2tyXknIvQ6jmMUfejg1RcfGIAGAE&cbvp=2
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8222 0
0 84ms
84ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPvUpSODFZKbWI_XY7_UP1cOH0AfS4Nfgbo-ktpOTCsCNtwEQASAAYJXKq4K0B4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgSKAk_QMOPqZcAIstudh0PbtrXvHasJT8g9RCnYqkP1KWYka1Pxo1s9mcuBaHsyX2i67aGF26aSP5eS2Vitok9rWp34fXEOjI8HP1jDEOt5Ig-gcBNJUAYwnI7XkG_dc6MN0jm83WNv0HsLIaGmxyCcCW_dInuxNh47EHZtIeTWxpmnPCjIRxQoUIXJ_GCT4xPDxyafhKItLWHHVvZuDB5LVF25nc3IdY_GTH9DPTOPHlsPh14-VumiQo4Zew4PFJad0i7jAfNw9O6iRU_5HX6LuKIp1D1HvYI8C5PIQMbUqGwIvfXBf3HD558WM6BxMlwKRVSUsCyVkAJlKYgoSa4bwhGxsi1moRoxNnla4AQBgAa_kPvAseDKiOMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=zWJ3I-YRxz8&uach_m=[UACH]&cid=CAQSSwBpAlJWrN0Rn-qhEk3cMeKVqxvGG-SGUuRU9DLjEPSBKJ7WJ8BLuiEr6FiOtHtm8Ja0-9zyuAWS2zVswLctNdZ7Fr4DSFn2srsmmhgB&cbvp=2&vis=1
Requested by: Host: 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
URL: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 8222 0
530 B 46ms
46ms Image
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fimgsed.com&e=wqT_3QLaBuhaAwAAAwDWAAUBCMjAl6YGEOCpjsHu2fXMOBgAKjYJAwtKOaRk4T8RUvvj7w_f4D8ZAAAAgD0K_z8hUg0SACkRJNAxAAAAoJmZ4T8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiM8gWAAQGKAQNVU0SSAQEG8FiYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gISaHR0cHM6Ly9pbWdzZWQuY29tgAMAiAMBkAMAmAMJoAMBqgOCAwqYAmh0dAUo8JV3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9N2RiZjRjMGQtZjIwYS00MDY0LWEzNmYtMTJmNzBjODFkOWY4JmNtRXhwSWQ9Vjcmb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD03ZGKGWQC4cnR5cGU9bnVybCZ0YWdJZD02OTMyNTk0JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGfQqAWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0MDc4NTI3MTIxNzA2OTQ3ODA4IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56RTRPREE0TURrM09URXhPVFFqTWpNeU16WTRNRE00TmpVNE5USXpNdz09wAOsAsgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYvSkbSV1bOYY8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZvGVvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAACT18AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB4zyBdIHDQkuJgAM2gcGCAkvZAcA6gcCCADwB52VA4oIAhAAlQgAAIA_mAgB&s=d5c560cd639340f398d8f9fb63c5a9b8b0cbe077&pp=ZMXgSAAI6yYIu-x1AAHh1Tq7QZCc7PPRs0KDkQ&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7cPaSODFZKbWI_XY7_UP1cOH0AfS4Nfgbo-ktpOTCsCNtwEQASAAYJXKq4K0B4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgSNAk_QMOPqZcAIstudh0PbtrXvHasJT8g9RCnYqkP1KWYka1Pxo1s9mcuBaHsyX2i67aGF26aSP5eS2Vitok9rWp34fXEOjI8HP1jDEOt5Ig-gcBNJUAYwnI7XkG_dc6MN0jm83WNv0HsLIaGmxyCcCW_dInuxNh47EHZtIeTWxpmnPCjIRxQoUIXJ_GCT4xPDxyafhKItLWHHVvZuDB5LVF25nc3IdY_GTH9DPTOPHlsPh14-VumiQo4Zew4PFJad0i7jAfNw9O6iRU_5HX6LuKIp1D1HvYI8C5PIQMbUqGwIvfXBfzPBxg3Ul1ocpqZ-8MrNNJqRswjhIKYwkAydm5UNMgdKudqw1BTOEBm94AQBgAa_kPvAseDKiOMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wHRgR_VWgQbNH4ul8ywXQ_fS-9A%26client%3Dca-pub-3831894559014614%26adurl%3D&cbvp=2

Requested by

Host: 99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
URL: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 04:00:09 GMT
an-x-request-uuid: 33f61cee-de1a-4849-96eb-69085603ecc3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.108; 80.255.7.108; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
75ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307250102&jk=3637392451315538&bg=!FRalFkLNAAZGOVy5Zjk7ADkAdvg8WuCjcjIj3wd-p-i360RKq5n-0A-S_dg2QVRcgZV4bq2bhAp7v59stWUFehloEyqDbs8Lq2wCAAAA0lIAAAAJaAEHCgAFxqzgFxWZAqN_4CpeQ3R4nrrEdHV-EJ00PVfioux2BSmcM52TuNT3Nb6oU4yvjmHYRdOX32Ne7TA4oPzTpwgjYjdi_WfQvo_ldJtyzA6p1bv1Nddy2orkRlRYEFsDIHQSxQAq9MJmCyX6rbVItZK2S4oBCFCI7Vz77tlVJHv6QnhLGVYqPECWj730_AW4gAR-ps6uinCqpfbBXK3WROY4ub250B56kgny_seTRZuk1NkIXs4hu4XGkjX3eU0hHEbFdu9wKNOjcjdLdMedcJ0p4iuSfCQRVcg82N0rT8MDhwULtOSYQjEnNPLLbnSvuLTlISDZpxA7yNYj9v0Bi279nCboiUvln1LRTorkYmf5TvSuPRwb7oyFOcbgKMZqMuLeUO6znearCdcvwFiKHW4FKYsVupQKx0JhdIH1rrKHnjdj__UiCyB7XZFZXSxJUoyn3vQfv-ZKmgqDhTOpAkqmIret1cK80-aEF2XNvTb9zJ4_MoHK52qdBtqXADxs8mEgAbnD3lwdraYlw9RxZ8kuPR7ZTaPySnIGuLfIae2ITVTq7OJLIjqg54BxYMD2Uk5ab8BX2BfsDWL1MLQj8a1ALPdTqAjtImRw7InkIpBb_vb-XuP2VdLQovCkHKusYNiotkTN4K33PJMDteoTBCinQ0TokNzEL_2owMGMTH6c4zj315LD5CnAC99_hILGgjaadELplTVtr6Dioq3bl2pvQ_SeB7F_tWadQBdq_VxPtLL1Vk_h8kSut5YS9BxIkC6zGeCIEy30kGrfa4_TWDLIkOSxye_eicAbwps0VMUJIWcvtMECSuxqm5VM_mJHQiRuYW4ss7iiBq4wQihBc9UpTBhKuUmk689DNZiLdcBwYlWI46N5TxgxBg2z7SXalV1saZM1MoI4vAvCV_k
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 8222 0
580 B 48ms
48ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fimgsed.com&e=wqT_3QLaBuhaAwAAAwDWAAUBCMjAl6YGEOCpjsHu2fXMOBgAKjYJAwtKOaRk4T8RUvvj7w_f4D8ZAAAAgD0K_z8hUg0SACkRJNAxAAAAoJmZ4T8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiM8gWAAQGKAQNVU0SSAQEG8FiYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gISaHR0cHM6Ly9pbWdzZWQuY29tgAMAiAMBkAMAmAMJoAMBqgOCAwqYAmh0dAUo8JV3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9N2RiZjRjMGQtZjIwYS00MDY0LWEzNmYtMTJmNzBjODFkOWY4JmNtRXhwSWQ9Vjcmb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD03ZGKGWQC4cnR5cGU9bnVybCZ0YWdJZD02OTMyNTk0JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGfQqAWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0MDc4NTI3MTIxNzA2OTQ3ODA4IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56RTRPREE0TURrM09URXhPVFFqTWpNeU16WTRNRE00TmpVNE5USXpNdz09wAOsAsgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYvSkbSV1bOYY8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZvGVvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAACT18AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB4zyBdIHDQkuJgAM2gcGCAkvZAcA6gcCCADwB52VA4oIAhAAlQgAAIA_mAgB&s=d5c560cd639340f398d8f9fb63c5a9b8b0cbe077&type=pv&jm=1140|1141|1003&px=0&py=0&bw=728&bh=90&sf=1&sid=7514468591894542375&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 04:00:10 GMT
an-x-request-uuid: 29bd717e-fec2-485d-927d-8cecc795b6ce
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.108; 80.255.7.108; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 8222
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=e53985aa-baba-4ab2-8159-277378e689f6&cmExpId=V7&oAdUnit=391466&publisherId=162645330&rId=7dbf4c0d-f20a-4064-a36f-12f70c81d9f8&rlink...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=10b2e6568392478c8a9e454565c99526&tids=15000&med=10

0
18 B

83ms
83ms

Image
text/plain

2a02:26f0:480:22::1726:62d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=10b2e6568392478c8a9e454565c99526&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 04:00:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0808A8DEA7BB4A3D992906A62D9456A3 Ref B: FRAEDGE1109 Ref C: 2023-07-30T04:00:10Z
x-cdn-traceid: 0.13d53e17.1690689610.3efc7e74
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 30 Jul 2023 04:00:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B70437813BA9480F8FB76BFE08EA2112 Ref B: MIL30EDGE1016 Ref C: 2023-07-30T04:00:10Z
x-cdn-traceid: 0.13d53e17.1690689610.3efc7e04
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=10b2e6568392478c8a9e454565c99526&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 557B 42 B
64 B 84ms
83ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzV2VmMadn0ehQqN4-xxIUKfNIeld9LYDZJRmmZmsPz5pejTfNi9ESkcTjctscf6TLAMTKDGPMGHW6yYbDXR5yKuT7UjJu2LcoAR0uOQixBIKtBP_w5mIQ8PaxODCsNp8OnU4k13Qexu13&sai=AMfl-YTOVfJ5pS4GYc4h0A6te-kfdvW-hm2il_3k7j4LcV3r3ZjQVTdoJhbc5B_EmzzTT_aTOJNzr2c_uRWRd2Nc4GnE66X9NXm4ekh7X8Rcpc4aI6-hEBod0BJSQLw&sig=Cg0ArKJSzE0RAHkNuDMlEAE&cid=CAQSOwBpAlJWeWTTGVbvted3bjxcdrjq9YcosRQCl76n6PPzcQndRZQsM1j2tyXknIvQ6jmMUfejg1RcfGIAGAE&id=ampim&o=550,298&d=500,320&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=410&tls=1410&g=100&h=100&tt=1411&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 04:00:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8222 42 B
174 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqaHbBK_n3T2qK9pVErJgbAwtc6DOpB7Mbgqgj6SRk-1Rix7uzwacN07ILD6CK_IyaDuIHGGW1Lk_5WUewdpDZmJOp&sig=Cg0ArKJSzEp2tnsh9pGnEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1184291071&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690689608859&rpt=721&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 04:00:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 279ms
279ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GC2VPDBYKB&gtm=45je37q0&_p=2085078736&cid=95493903.1690689608&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1690689608&sct=1&seg=0&dl=https%3A%2F%2Fimgsed.com%2F&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20imgsed.com&en=scroll&epn.percent_scrolled=90&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 04:00:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiuCh0XUrbM-wSS9dcAyD42S3L77jwVp0u-SmjhhB0pB2JUTgAx0Bc3BL4r0ZnKCRmJeFUWdsoSFQp9WHhhFVK_pKVonnOtgJmh732K7pPxYMjAjDWElvMNW1p9n8jm2r8LxJX1BcY1Vnsb6cALy0y4SAvHRVl6mdqE71N0wiqw3TQTh98c8bU6p34UjTI8459IRzinMtdDBoW4wR9hR4gMjhnNcuXED7bjxhvHDNpXFtHWkM17q3xX62BlzEN_RIgBKzNKUd-k9ybxiwgyubn7BnydfgW0RR-WTH2OKhiFh0vicT5sRGEPknK8XKT-xFX84KFLL95Z2Ud_kpWo_3yEC9_1AcmsE-TvL2guDMso3GuiNXFDYaH7CXINZ1waxssPyyiEalA&sai=AMfl-YQplNn0HUcPBSOYpAJEytJYIUmKuwQgjEUV4u4tOPHAQtkxs04PtWKk79PiWU-WVAVc42ghWtlby3gbHFXasffkQzvMgTuoQgdAzjqOnjyadl3t6izBxNLtlUIGptf4QfCru5Bz5q_ykIAPRe8&sig=Cg0ArKJSzLGfVWbXIvD8EAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-20 23:14:09	Name: demandSupplyTi Value: 63718655-26cb-4d7b-b166-9d2e78639a28
.demand.supply/	1970-01-20 13:38:11	Name: __cf_bm Value: olXOI8P79J2aRXPix_GcZOSYtTB._lJz_8GB03L1G7o-1690689607-0-AaIsWEQTzG7O20rbFcAPK1EIbx2HE4K5WmLk4t/8WGKyd0+nhQaYPRqJKOln7clI9SN4k5FJolsoF2WUJ9RdKoE=
.imgsed.com/	1970-01-20 23:14:09	Name: _ga Value: GA1.1.95493903.1690689608
.imgsed.com/	1970-01-20 23:14:09	Name: _ga_GC2VPDBYKB Value: GS1.1.1690689608.1.0.1690689608.0.0.0
.criteo.com/	1970-01-20 22:59:45	Name: uid Value: 942dcc78-3065-4fe6-9dee-e8af40008e71
.imgsed.com/	1970-01-20 22:59:45	Name: __gads Value: ID=60bd3243eb08686d:T=1690689608:RT=1690689608:S=ALNI_MbtGEAa-w0jJXJQPnbRdgmoaZKPcg
.imgsed.com/	1970-01-20 22:59:45	Name: __gpi Value: UID=00000c4925372538:T=1690689608:RT=1690689608:S=ALNI_Mam0OJbNAkbj9w_v-gNTEAzAh5amQ
.imgsed.com/	1970-01-20 22:59:45	Name: cto_bundle Value: GoHJK19oYWxhY25mUDQyaFgyU200bmphM0xqQlZ5ZE81ZHB4aWhFQ1pOV2RzVlZXVjUlMkZ4cDlUMmN4MDd1VGUlMkIzR0IzeThkdnFPbjdGRlhlb2JlMGZ3OUpJclYlMkZXSCUyRlR5NTFHYThKJTJCaUFJMmVUN05vJTJGd1lSMjl1JTJGNm5yUW1ScGNXJTJCYmRxc0hvSUFWbVlZOEMya3glMkJnd2F6YkElM0QlM0Q
.doubleclick.net/	1970-01-20 22:59:45	Name: IDE Value: AHWqTUmFw9IYUGoc_rLiauBMU5iuKilHw5IV65UqH38u6iXmawYTATVV-dx5Xheu6-k
.bing.com/	1970-01-20 22:59:45	Name: MUID Value: 3EAD1B5B554C669E25D208055491676E
.doubleclick.net/	1970-01-20 13:38:13	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

99c1177ed17e7399337d02d073ebaba5.safeframe.googlesyndication.com
adsdk.microsoft.com
adsdkprod.azureedge.net
ams3-ib.adnxs.com
bcp.crwdcntrl.net
cdn.adnxs.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
imgsed.com
invstatic101.creativecdn.com
live.demand.supply
mug.criteo.com
pagead2.googlesyndication.com
region1.google-analytics.com
s1.imgsed.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.bing.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
securepubads.g.doubleclick.net
www.googletagservices.com
162.19.138.118
178.250.1.11
185.89.210.20
2001:4860:4802:32::36
23.32.184.180
2600:9000:2250:2a00:a:e047:753:be1
2606:4700:10::6816:3556
2606:4700:20::ac43:4970
2606:4700::6810:5914
2606:4700::6810:8516
2620:1ec:bdf::45
2a00:1450:4001:801::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2008
2a00:1450:4001:812::2001
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a02:2638:3::c
2a02:2638:d::2
2a02:26f0:480:22::1726:62d3
34.96.70.87
35.190.39.111
52.49.50.175
65.9.66.97
03610877f83ff02485570859212a298cad8d77013ad868ef72d28fa37d867345
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0976ad081b65aceeb1470a2947313701a8aadfdcdf0709428b8f253c33baf187
0c6a3c27e0bc6143013f07f1f616010ff3e4f795bc7c956071d2edd3098ff534
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
22c15261262c5e2f2a66b8f7569c0dd504f21a19e0c7c98a5144c2278c72c666
267148e24a0843bfe8622a799cc14167fd53415a97edfd3369f85b5370b3a82b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34398d4775c6decebdeee7b25496dbd028b3f7be04a649163dfe96e349270e10
35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5bdf1f48701fc211a6c4150d349274d425e63f93865e7255d6fd1df1316b8f8b
5cc7b3b78ae724c58989b779f0c039128902d4b179dfbe68c7cb227d2e3e7366
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66dfa7015f172d51da62f201ce41552d346b4c779e7fe37ceb0636ed2aedfcbc
6b20b197ffd2024ca0cac5152563616350e6deae10373202f7573abadd02aee8
7367a81424955534ef54a927e5e5005cd8d34c777ba357f72ef7b7fb7353b4f2
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
7cdbf0a12f657548d8920d6e52fd365fa7c3db509158cfd14ead87f229b7995a
7e06f89213bedf053e75e962ddff82d8b2646760f3cf1a4820e8fed79bb2be9b
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
816cd6a1daa82413ac76b054ed90281cff8784847fb1d9eed0b3f611097219aa
819d2e67c083da04e6e95e9792723d2a97b722e52a6606e3179882ac9f7db02b
83816310b4e049b6cd631e06755884d9082d0142debc8c94b6950f5c213b4894
84dec7d16e8c591ab744d992a5ba4bc0f7bce642d1bab9585a61fc0e0694df15
84fa4b85e227fa8098a44af1cab42c1d93632ce78fc417a3198d4beebeefa871
8b22cc87d04b92a7565c71bd0e38856320448c24c68d259652afd8e98a5465ce
8c4fe55f050619e96dc1ea93f5a29f6fd50fb47948cb2072bbbebeb0605c059f
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
91b8226fbd47700a4624dcfe8f5fc994f68bd078b90c54c37ff30d406bda2072
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
a29d324eac7bfb2ff15c7c15d698b92a4c505fd9df85a5b8cfa0188dd56fa877
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acc13cf22cb2021f0caff5ffa87bf8e5ebf57f2f3958c276708cbd4d09a0cb10
ae79d6181b07bdc676d26d0a77fcb2c021adbd2e978312b81620454a5d47c0ba
b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b488757d3c15f8450c0c6645d5a0bd90cfeb14c8403fac0573d002b7069aa0ac
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
be375fb7e4752eaeb895718e445d06ad531308e6c4ca6d94f4867a7b896def64
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838
cc23ad7aac2606d408abd2a20078a92b56f2b6b6db88e1929f88ac0025d3f241
ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f6a0eb0cb65da087a09348dcd1985769d431849ceb7087c9c52fe0e06edd3a

imgsed.com Open in urlscan Pro 2606:4700:20::ac43:4970 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

93 %HTTPS

72 %IPv6

23 Domains

31 Subdomains

30 IPs

4 Countries

739 kBTransfer

2137 kBSize

11 Cookies

1 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

imgsed.com Open in urlscan Pro
2606:4700:20::ac43:4970 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

93 %
HTTPS

72 %
IPv6

23
Domains

31
Subdomains

30
IPs

4
Countries

739 kB
Transfer

2137 kB
Size

11
Cookies

86 HTTP transactions
4 data transactions