s1.imgsed.com Open in urlscan Pro
2606:4700:20::681a:b84 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://s1.imgsed.com/
Submission: On August 18 via api (August 18th 2023, 6:23:43 pm UTC) from US — Scanned from DE

Summary HTTP 135 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 37 IPs in 8 countries across 29 domains to perform 135 HTTP transactions. The main IP is 2606:4700:20::681a:b84, located in United States and belongs to CLOUDFLARENET, US. The main domain is s1.imgsed.com. The Cisco Umbrella rank of the primary domain is 813628.
TLS certificate: Issued by GTS CA 1P5 on August 5th 2023. Valid for: 3 months.

This is the only time s1.imgsed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:20:... 2606:4700:20::681a:b84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:8000:a:e047:753:6381	() ()
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	108.139.243.81 108.139.243.81	() ()
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	54.72.84.52 54.72.84.52	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
17	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3 10	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	5.9.137.180 5.9.137.180	24940 (HETZNER-AS) (HETZNER-AS)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	134.122.57.34 134.122.57.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
2 2	50.31.142.63 50.31.142.63	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	18.200.193.67 18.200.193.67	16509 (AMAZON-02) (AMAZON-02)
1	159.203.145.121 159.203.145.121	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	52.58.1.69 52.58.1.69	16509 (AMAZON-02) (AMAZON-02)
14	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
3	65.21.233.18 65.21.233.18	24940 (HETZNER-AS) (HETZNER-AS)
1 2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
4	2600:9000:206... 2600:9000:206f:6800:15:157b:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
135	37

4 2606:4700:20::681a:b84 (United States)

ASN13335 (CLOUDFLARENET, US)

s1.imgsed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:8000:a:e047:753:6381 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.243.81 (United States)

ASN- ()
PTR: server-108-139-243-81.mxp63.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.84.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-84-52.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.74.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.9.137.180 (Tuttlingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.180.137.9.5.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.57.34 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.84 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.63 (Plainfield, United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.193.67 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-193-67.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cs.chocolateplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.1.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-1-69.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.229.233.6 (United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.21.233.18 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.18.233.21.65.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (Grosse Pointe, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206f:6800:15:157b:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)

img01.ztat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	208 KB
22	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 261 ad.doubleclick.net — Cisco Umbrella Rank: 187	265 KB
19	revjet.com ads.revjet.com — Cisco Umbrella Rank: 8166 cdn.revjet.com — Cisco Umbrella Rank: 8302 pix.revjet.com — Cisco Umbrella Rank: 6692	525 KB
18	demand.supply live.demand.supply — Cisco Umbrella Rank: 39911 api.demand.supply — Cisco Umbrella Rank: 76117	39 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	110 KB
4	ztat.net img01.ztat.net — Cisco Umbrella Rank: 34773	28 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760	3 KB
4	imgsed.com s1.imgsed.com — Cisco Umbrella Rank: 813628	12 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 275	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	3 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 2338	7 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 667	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 720	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	113 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1013 id5-sync.com — Cisco Umbrella Rank: 440	26 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1073 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1036	12 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2102	297 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 673	35 B
1	chocolateplatform.com cs.chocolateplatform.com — Cisco Umbrella Rank: 5457	134 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 808	599 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3020	552 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 964	543 B
1	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1611	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	878 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 710	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1835	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	88 KB
135	29

	Domain	Requested by
18	tpc.googlesyndication.com	80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com securepubads.g.doubleclick.net s1.imgsed.com tpc.googlesyndication.com googleads.g.doubleclick.net cdn.ampproject.org
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s1.imgsed.com www.googletagservices.com
17	live.demand.supply	s1.imgsed.com live.demand.supply client
14	cdn.revjet.com	ads.revjet.com srcdoc
10	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
8	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	img01.ztat.net	srcdoc
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	s1.imgsed.com	s1.imgsed.com
3	pix.revjet.com	srcdoc
3	www.gstatic.com	s1.imgsed.com 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	fonts.googleapis.com	securepubads.g.doubleclick.net 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com s1.imgsed.com
3	80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ad.doubleclick.net	1 redirects srcdoc
2	b1sync.zemanta.com	2 redirects
2	c1.adform.net	2 redirects
2	ads.revjet.com	80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com ads.revjet.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagservices.com	80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com s1.imgsed.com
2	googleads.g.doubleclick.net	80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	region1.google-analytics.com	www.googletagmanager.com
1	match.sharethrough.com	80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
1	cs.chocolateplatform.com	80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
1	ads.yieldmo.com	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	www.google.com	tpc.googlesyndication.com
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	api.demand.supply	live.demand.supply
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	s1.imgsed.com
135	41

This site contains links to these domains. Also see Links.

Domain
sulvo.com

Subject Issuer	Validity	Valid
imgsed.com GTS CA 1P5	`2023-08-05` - `2023-11-03`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
*.chocolateplatform.com ZeroSSL RSA Domain Secure Site CA	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
img01.ztat.net Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://s1.imgsed.com/
Frame ID: B3468F205DBBDDEEB8797D3531AED5F7
Requests: 45 HTTP requests in this frame

Frame: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0FCF030DEA8363EA0526E43975640EBE
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=s1.imgsed.com
Frame ID: B4407BEE467A334D345909A6FC9FC28E
Requests: 2 HTTP requests in this frame

Frame: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 92693812A44F1C842C4BC2A84A7D834A
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGIvL3d4BMAE&v=APEucNUWs-qd4MHHiLr9NdHRLTaTf-v9vBH46KGvYvKhzMbOvPdEqQvADBs9jdWIgpLOwfhfnG2ngiCtIU7HVFNUjtQds3SK8UoRmUEikdhDKtBEiioIvz09ebcqHZgGMDmpr8rzKvPlUlNYmFF9MqLlqT011Kyq3xsndmG2YUagGVusFHK0lAx1kCh_svdLDIuluP0cVZPA6qhp4Vq2zUVh-4UBFrw7jQ
Frame ID: 69AFB9DBB2F4438F9A77D1E7C6BA1859
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: DAD828E93F80F53E7A587FBAF868729B
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 25C167E487E343F158582B667EDA0281
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 92479CD71762BA890F888C354A8DACC1
Requests: 2 HTTP requests in this frame

Frame: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 60D911163213CF2B8700E97F070AED24
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: D339E0204A1593E3A07FDA301D49469D
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8A003FA1FFE7251186A85A05D7D5FA6B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 947736986762B49B59B07F226FD342A6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Frame ID: EBF0C245343A3ECAB64872A7CD71A2C9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
Frame ID: 1F2E9BB169BD27AC37584E6E1F2D66EA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: 6B4D07C3505DDDC576E2BCB837EE59B2
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

download instagram stories highlights, photos and videos online - imgsed.com

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

135
Requests

92 %
HTTPS

54 %
IPv6

29
Domains

41
Subdomains

37
IPs

8
Countries

1505 kB
Transfer

3715 kB
Size

24
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://sulvo.com/?utm_source=https://s1.imgsed.com/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://gum.criteo.com/sid/json?origin=publishertagids&domain=imgsed.com&sn=ChromeSyncframe&so=0&topUrl=s1.imgsed.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=wSxV6XxTUTF4djZvS1Rnbk95M0ZDNFJIcjR1ZjA2MGxhZUtyTE9ueG95WHdxbGl1OHBPSndwT2FKWXRHK3haVkhpL0RrcllZWUZ3UDJuK2xhU3NFTE8vVm1lWXpPc1hHWDNpcWpGK0JaSHh0aU1JTHVPOGt4b0w3ZmpxdC8wUjZuRXY1c0RVYVlrSVRLRHpPcGNpbG5kdjJEQTlwbXdvb00rdm5FQjhlRDlHS1h6RVB0elZoQmxESEhFRHV0ZFdydXd5NlBLVk5ERi9qMStVdVFudDFzNW8xWXJiRm1NOUdWeFVZbjdaRklPSXdOTlpocVl2aE5seUFmR0FEcVlPSDU4VXl1WDZqMzBMMXI3U1YwbGlXbW9aV2lRUT09fA&cppv=2

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTol1r-UvCMRpUd1S9U22Y&google_cver=1

Request Chain 65

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN.3Ki9fLkV.-8Tz6vqicAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIq8i7wMJbLvDJqJhoMEFyY&google_cver=1&google_hm=2

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF2Q5aeglcezpwiBSBSC57c&google_cver=1

Request Chain 67

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg2NjYzMTMzMTA0Nzg2Mg%3D%3D

Request Chain 97

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDMKoCvIkSoxmZOUKd0Sc18&google_cver=1&google_push=AXcoOmTfQzPkgP_ClOmHmVZl0oSFzdC6YluXeKRbVdf74ld3ylqb52Vg3NgJ2jdm5fNKTFJWP_Lj7nX6mcEcO_8NYq8FrotOseGKQg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDMKoCvIkSoxmZOUKd0Sc18&google_push=AXcoOmTfQzPkgP_ClOmHmVZl0oSFzdC6YluXeKRbVdf74ld3ylqb52Vg3NgJ2jdm5fNKTFJWP_Lj7nX6mcEcO_8NYq8FrotOseGKQg

Request Chain 98

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEGjHLQrcC2L0Tkpo8j8KECQ&google_cver=1&google_push=AXcoOmSF-EG8NC9e5pbr45SGz7zaVT0ZLMESzxFyox1Vi8ewTG6w_eirm8q2kKrvVTLvsQUhSPzwq5IDxZ6N7gVXSr2n00cNgQ9Bxg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSF-EG8NC9e5pbr45SGz7zaVT0ZLMESzxFyox1Vi8ewTG6w_eirm8q2kKrvVTLvsQUhSPzwq5IDxZ6N7gVXSr2n00cNgQ9Bxg

Request Chain 99

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFInG5xPgFOY2sw24I98Obw&google_cver=1&google_push=AXcoOmRBz5G94pRWxrurky05nbnV1f6R9MqLSOb3Fn2qBeGx6VLmroyqD-HG3zPhJh5xCCUYyuTT-pFdXWA3jFfG1q_oVa3yx5S5OQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFInG5xPgFOY2sw24I98Obw&google_cver=1&google_push=AXcoOmRBz5G94pRWxrurky05nbnV1f6R9MqLSOb3Fn2qBeGx6VLmroyqD-HG3zPhJh5xCCUYyuTT-pFdXWA3jFfG1q_oVa3yx5S5OQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjExMjU0ODU0MDIwMjQzOTk2&google_push=AXcoOmRBz5G94pRWxrurky05nbnV1f6R9MqLSOb3Fn2qBeGx6VLmroyqD-HG3zPhJh5xCCUYyuTT-pFdXWA3jFfG1q_oVa3yx5S5OQ

Request Chain 100

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECa8L8R6GfhbI1YXuunP-GI&google_cver=1&google_push=AXcoOmRSsXV59N3BXbUXj-FiiXdhGPNsgYm1v0daPnc81AL7HkcAj2L6-vOM-UtQumomLB_pDNDvjlhzmIEbD0miDfn8jtLAVvGd7Q HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECa8L8R6GfhbI1YXuunP-GI&google_push=AXcoOmRSsXV59N3BXbUXj-FiiXdhGPNsgYm1v0daPnc81AL7HkcAj2L6-vOM-UtQumomLB_pDNDvjlhzmIEbD0miDfn8jtLAVvGd7Q&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRSsXV59N3BXbUXj-FiiXdhGPNsgYm1v0daPnc81AL7HkcAj2L6-vOM-UtQumomLB_pDNDvjlhzmIEbD0miDfn8jtLAVvGd7Q&google_hm=NnpQbVFiV1ZMQ3ZVeWFnZGNBTWc=

Request Chain 101

https://ads.yieldmo.com/exptsync?google_gid=CAESEDalbauWNnXz3gMVa_ZGPxA&google_cver=1&google_push=AXcoOmRpJdy3RxR7pFpm3p70ZQNEZwyhTvznr-RG7h-o6JzSJ1FSDRfkJ_t1HfFdjlVZiRFbRgojvnRvol5Sq9cxYfx9lpYGbB-8bw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRpJdy3RxR7pFpm3p70ZQNEZwyhTvznr-RG7h-o6JzSJ1FSDRfkJ_t1HfFdjlVZiRFbRgojvnRvol5Sq9cxYfx9lpYGbB-8bw&google_hm=M203aUx5eUdHRHlzY3I1RzR3TUU=

Request Chain 121

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357498769;dc_trk_aid=548521423;dc_trk_cid=185777388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1692383018761 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357498769;dc_pre=CL2UroXq5oADFWCR_Qcdo4cCgQ;dc_trk_aid=548521423;dc_trk_cid=185777388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1692383018761

135 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
s1.imgsed.com/ 2 KB
1 KB 461ms
360ms Document
text/html 2606:4700:20::681a:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da96a2da58cb00ae03b4e23c878f4237dc51754ec03029bb19bbc4a0f09d62c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=10800, immutable
cf-cache-status: DYNAMIC
cf-ray: 7f8c3059d8199054-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 18 Aug 2023 18:23:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RawXW1Rr3KkLm%2FmwP2qRd%2BFoI7f5ka1yUS%2Fr%2Bkri5ESpsJ4aJgANREfArzADhuzmFQBO4tYy4XmYRoS70tq%2BThFtrS%2B9F72%2BgXCWR4%2FDA6T5rQ9vODZLWls2fL6J87rZSckdG3XFt50hFPE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache-status: MISS

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 432ms
332ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: s1.imgsed.com
URL: https://s1.imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d11baac5e9d9b51a501dc55294ee69c9f4eab22ab50703fea0a4c69cab83f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H82K9S0ESV3RW72V9V7JMKKF
date: Fri, 18 Aug 2023 18:23:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 450
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"313919adaf3a28fd2876e22d1e26e29f-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7f8c305cb85f9217-FRA
link: <https://live.demand.supply/impl.v17.12.3.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/czEuaW1nc2VkLmNvbS8=>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 art.css
s1.imgsed.com/css/ 36 KB
7 KB 51ms
51ms Stylesheet
text/css 2606:4700:20::681a:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.imgsed.com/css/art.css?v60
Requested by: Host: s1.imgsed.com
URL: https://s1.imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34849d23eccfc8dd1ca8ad29db3c000849feef7f8be66a9da54fa8b9bf0c4f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Aug 2023 03:51:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 397845
etag: W/"64d9a4d8-8f47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkcweNAkCR4%2F5wRujvQlxCiO4Rz7Z73T7FHB5ipJHj54QwMktnH4%2B76DKufVhxcgzJ%2B1MsZGFi2aALS2gYWcsKFDD8LP%2BK8sy%2FnRM95lTad91R%2B05ZUwKJykdg8DcduDOY7BJQ9GJyyWlqk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7f8c305c1a929054-FRA
expires: Wed, 13 Sep 2023 03:51:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
88 KB 137ms
49ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB

Requested by

Host: s1.imgsed.com
URL: https://s1.imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

630d5c85e90b73cce8a0dffb9498cb20ca343ddce479692d7001c1a9de946ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89866
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 18 Aug 2023 18:23:36 GMT

GET
H2 200 art.js Show response
s1.imgsed.com/js/ 7 KB
3 KB 46ms
46ms Script
application/javascript 2606:4700:20::681a:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.imgsed.com/js/art.js?v60
Requested by: Host: s1.imgsed.com
URL: https://s1.imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2e2dcda15fc3d6fdfc3956439233bff14a8f53811f00d62973cde464f768663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Aug 2023 06:32:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 397845
etag: W/"64d7276c-1d6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaHNq8%2FrSdP%2BWyxYPaNy1qvHG0ydCJk7y9O5g0ttiqx6v2XJY6mbPkTwjQcGKGeMsbz3k34CTAFTZ2DvkJsI5KKQbMUzyPR2WuLkzwIZCFNaD82dSA%2BhB%2FpMQcUatT86rkr5QGX10dw1%2Fgw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7f8c305c1a949054-FRA
expires: Wed, 13 Sep 2023 03:51:59 GMT

GET
H2 200 search1.png
s1.imgsed.com/img/ 332 B
770 B 48ms
47ms Image
image/webp 2606:4700:20::681a:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.imgsed.com/img/search1.png
Requested by: Host: s1.imgsed.com
URL: https://s1.imgsed.com/css/art.css?v60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22c15261262c5e2f2a66b8f7569c0dd504f21a19e0c7c98a5144c2278c72c666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/css/art.css?v60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1902569
cf-polished: origFmt=png, origSize=828
content-disposition: inline; filename="search1.webp"
content-length: 332
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Dec 2022 12:10:31 GMT
server: cloudflare
etag: "63ac3237-33c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qwqm7CApVWgoQsa0aOM2BeanIpWs4uHCwaUofwPGOr%2B1cHaYLUzhfsB04T8F4Pjnqk7JmfuYiPdWPbi9Qfl6aWZa7GPo1lf%2F%2BL92AhR1L4GyagxUFxQa9V249JCfWx4QM3PScTQqPGYmt8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7f8c305c9b1c9054-FRA
expires: Fri, 25 Aug 2023 22:23:32 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 135ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GC2VPDBYKB&gtm=45je38g0&_p=1569427821&cid=1983397052.1692383017&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692383016&sct=1&seg=0&dl=https%3A%2F%2Fs1.imgsed.com%2F&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20imgsed.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s1.imgsed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.v17.12.3.js Show response
live.demand.supply/ 82 KB
27 KB 135ms
134ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.12.3.js
Requested by: Host: s1.imgsed.com
URL: https://s1.imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d2de62ba59b4b071f7cab18675db894989fe5d929b2b5a61ab76a0cce533253

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H82K9FG1QR2CDE26M8WARHZY
date: Fri, 18 Aug 2023 18:23:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 78559
cf-polished: origSize=84092
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"2e4d6c054b5f248ffc82820b2835378a-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7f8c305eda649217-FRA

GET
H2 200 czEuaW1nc2VkLmNvbS8= Show response
live.demand.supply/p4/v17-10-0/ 973 B
605 B 260ms
260ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/czEuaW1nc2VkLmNvbS8=
Requested by: Host: s1.imgsed.com
URL: https://s1.imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0347538512855184cb6271cf5880484b4383f46456a38fe84beb4794ff103ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:36 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7f8c305eda659217-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
473 B 261ms
218ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=433&cs=c&dsReferer=czEuaW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H7VSJ51N59B4XHMBK7WEQ3YW
date: Fri, 18 Aug 2023 18:23:36 GMT
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
cf-polished: origSize=2
etag: "ad1db80f733f09fb7341e247168edc22-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f8c305f1d6a35ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 187ms
99ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94e377eac9a330523c898dd4896bb3f3755492e33dafb1c8e8f78dba3eb75731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29108
x-xss-protection: 0
server: cafe
etag: 652 / 19587 / 31077164 / config-hash: 6865334963093270093
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 18 Aug 2023 18:23:36 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
614 B 184ms
142ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H7VSJ51N0HK73ABK8VP5AH17
date: Fri, 18 Aug 2023 18:23:36 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7f8c305f1d6c35ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 imgsed.com_fluid_sq_index Show response
live.demand.supply/cp/ 30 B
370 B 267ms
267ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/imgsed.com_fluid_sq_index?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=czEuaW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.12.3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fba9b4a46dc0732ecf73452a839a5e465403c7e402a996b799847988be5090c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7f8c305fbe3b35ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/ 402 KB
127 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec7813f9dfb4c68321e7d77132f55f7cbd76f4bde7ed4d0a460ab9bd59713b51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 15:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10006
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 10299120112099686939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 17 Aug 2024 15:36:51 GMT

GET
H3 200 imgsed.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
374 B 187ms
186ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/imgsed.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=czEuaW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.12.3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbe4006ad97dfdbfdcc5cd9808e8388320f28a5fb833ff7fbaaca7ce9fc2a921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7f8c30607f3d35ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
476 B 47ms
47ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=czEuaW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.12.3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H7VSJ51N59B4XHMBK7WEQ3YW
date: Fri, 18 Aug 2023 18:23:37 GMT
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ad1db80f733f09fb7341e247168edc22-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f8c3061284235ec-FRA

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 151ms
40ms Script
text/javascript 2600:9000:2250:8000:a:e047:753:6381

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8000:a:e047:753:6381 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: null
Date: Fri, 18 Aug 2023 05:08:18 GMT
Via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 47720
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: MKAWCybj1LGNl6SqDxlIIP_0tG4GPHaKpVdpMQ3xfpBkUzOLEfGrzw==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 199ms
96ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 19 Aug 2023 18:23:37 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 156ms
52ms Script
text/javascript 108.139.243.81

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.81 , United States, ASN (),
Reverse DNS: server-108-139-243-81.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 11:35:11 GMT
content-encoding: gzip
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P3
age: 24507
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 0Bl_x9oGgF-iI7_JcF71fZQBuQe6l3-cHXZNGVe8cRy1yLNz-_CD_Q==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 112 KB
26 KB 144ms
51ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 11:32:19 GMT
server: cloudflare
x-amz-request-id: 9JD2PVWRNGH6W9D6
age: 679
etag: W/"25c6f4638264ba52fb77e06351d38d61"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7f8c3061dd391c3e-FRA
x-amz-id-2: C78NJH9XkIV+sX3gWmjnQ0d7A0CrZ/OSO/7CSNMeogj/qizLfap+8xu2sOYpsPd/7/w1SlaLgeQGDUvfhgOumQ==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 140ms
41ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 18 Aug 2023 18:23:37 GMT
x-content-type-options: nosniff
content-encoding: br
age: 25399
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230054-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 263ms
54ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:37 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 00e7893c91a67c2d7e9332f614bd3d71
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
725 B 374ms
374ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=549134298114104&correlator=3384989135646672&eid=31076868%2C31077164&output=ldjh&gdfp_req=1&vrg=202308160101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C5b1fcc9a-8fd7-4f9e-af23-7e840d87b75d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692383017151&lmt=1692375817&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fs1.imgsed.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1983397052.1692383017&ga_sid=1692383017&ga_hid=1569427821&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuPGNz6AxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi48Y3PoDFIAFICCGQSGQoKcHViY2lkLm9yZxi48Y3PoDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuPGNz6AxSABSAghkEhcKCHJ0YmhvdXNlGLjxjc-gMUgAUgIIZBIZCgp1aWRhcGkuY29tGLfxjc-gMUgAUgIIZA..&dlt=1692383016320&idt=795&prev_scp=ti%3D27554e10-a27e-4947-a351-29af7700709f%26interstitials-bid%3D5%26bid-p%3Dgoogle%26bsc%3D73&adks=3557535414&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d0a3935da54669ed3b6922c3247dbc769fabc2c97d9d5efbf54aad638e3110e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 694
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s1.imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0FCF 6 KB
3 KB 187ms
47ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s1.imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 18:23:37 GMT
expires: Sat, 17 Aug 2024 18:23:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/ 37 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl_page_level_ads.js?cb=31077164

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85546fc1dc5bd86a9db3f5d39e5cbc0dd92106c5e67c147d78eddf19b3f13a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 15:37:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9962
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13156
x-xss-protection: 0
server: cafe
etag: 1643040129009188309
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 17 Aug 2024 15:37:35 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 127ms
126ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_fluid_sq_index&pdc=0.30296556949615483&ucv=null&e=tcp&dsReferer=czEuaW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.12.3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H7VSJ51N59B4XHMBK7WEQ3YW
date: Fri, 18 Aug 2023 18:23:37 GMT
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ad1db80f733f09fb7341e247168edc22-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f8c306168b435ec-FRA

GET
H2 200 imgsed.com_fluid_sq_index Show response
api.demand.supply/v17-10-0/a/ 375 B
715 B 234ms
138ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v17-10-0/a/imgsed.com_fluid_sq_index?&dsReferer=czEuaW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.12.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a58013fdf3685ec050720b4bd7ef0f6d2b88b036184c8885103fbc4d4faac983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:37 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3677
etag: W/"177-SvbZalml91joC4s3eThjJd7/NTQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7f8c30620efb1941-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
477 B 49ms
49ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_728x90_sticky_display_bottom&pdc=0.21923444271087647&ucv=null&e=tcp&dsReferer=czEuaW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.12.3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H7VSJ51N59B4XHMBK7WEQ3YW
date: Fri, 18 Aug 2023 18:23:37 GMT
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ad1db80f733f09fb7341e247168edc22-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f8c3061a8f435ec-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 52ms
51ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6RG2MPY6RXJSSCBB6XQAQ1T
date: Fri, 18 Aug 2023 18:23:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 37619
etag: W/"624a705ce1b65875ce70f98cfa74b907-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7f8c3061af379078-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
472 B 145ms
145ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=imgsed.com_auto_728x90_sticky_display_bottom&dsReferer=czEuaW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.12.3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H83JSAJJRE1FVAY7S2EP0GS7
date: Fri, 18 Aug 2023 18:23:37 GMT
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
cf-polished: origSize=2
etag: "a45e73c524133054987858ff502c9c05-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f8c3061a8fa35ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 456ms
455ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=549134298114104&correlator=1221816543965382&eid=31076868%2C31077164&output=ldjh&gdfp_req=1&vrg=202308160101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C840219cb-19cc-4356-9a61-e5772cde584b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692383017213&lmt=1692375817&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fs1.imgsed.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1983397052.1692383017&ga_sid=1692383017&ga_hid=1569427821&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuPGNz6AxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi48Y3PoDFIAFICCGQSGQoKcHViY2lkLm9yZxi48Y3PoDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuPGNz6AxSABSAghkEhcKCHJ0YmhvdXNlGLjxjc-gMUgAUgIIZBIZCgp1aWRhcGkuY29tGLfxjc-gMUgAUgIIZA..&dlt=1692383016320&idt=795&prev_scp=ti%3D27554e10-a27e-4947-a351-29af7700709f%26chrand%3Dy%26pof%3D0%26bid%3D0.09%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D73&adks=55489845&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d47ae618b19dadd26c48eaa300030113e97876b867db2978b0854c85b8cb37a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11079
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s1.imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
322 B 145ms
42ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://s1.imgsed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://s1.imgsed.com
date: Fri, 18 Aug 2023 18:23:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 209ms
54ms XHR
application/json 54.72.84.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.84.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-84-52.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f77c7b49f1680174722cd3fffc93f84ae337de5c2ec9d124c4408caeaadcd164

Request headers

Referer: https://s1.imgsed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://s1.imgsed.com
cache-control: no-cache
x-server: 10.45.12.25
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B440 15 KB
6 KB 147ms
48ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=s1.imgsed.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://s1.imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 18:23:37 GMT
server: Kestrel
server-processing-duration-in-ticks: 243675
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
15 KB 436ms
436ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=549134298114104&correlator=1944050508939071&eid=31076868%2C31077164&output=ldjh&gdfp_req=1&vrg=202308160101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C9e1762e5-f19c-4938-8d9d-60bcfa7404f5&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=500x280%7C480x320&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692383017443&lmt=1692375817&adxs=550&adys=298&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fs1.imgsed.com%2F&vis=1&psz=500x296&msz=500x296&fws=0&ohw=0&ga_vid=1983397052.1692383017&ga_sid=1692383017&ga_hid=1569427821&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuPGNz6AxSABSAghkEhkKCnB1YmNpZC5vcmcYyfKNz6AxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGLjxjc-gMUgAUgIIZBIXCghydGJob3VzZRjR843PoDFIAFICCGoSGQoKdWlkYXBpLmNvbRi38Y3PoDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLjxjc-gMUgAUgIIZA..&dlt=1692383016320&idt=795&prev_scp=ti%3D27554e10-a27e-4947-a351-29af7700709f%26chrand%3Dy%26pof%3D0%26bid%3D0.19%26bid-p%3Dgoogle%26bsc%3D73&adks=2287763633&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ea71c6677862e6bb9a6508ad01873a46f88d686fe53354a0c2045ce0a925728

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14931
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s1.imgsed.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
476 B 129ms
129ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&e=nai&dsReferer=czEuaW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.12.3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H7VSJ51N59B4XHMBK7WEQ3YW
date: Fri, 18 Aug 2023 18:23:37 GMT
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ad1db80f733f09fb7341e247168edc22-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f8c3063bbbb35ec-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
477 B 49ms
49ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=czEuaW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.12.3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H7VSJ51N59B4XHMBK7WEQ3YW
date: Fri, 18 Aug 2023 18:23:37 GMT
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ad1db80f733f09fb7341e247168edc22-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f8c3063bbbf35ec-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 170 KB
50 KB 455ms
455ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=549134298114104&correlator=3382450759151071&eid=31076868%2C31077164&output=ldjh&gdfp_req=1&vrg=202308160101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2Ccd5f0bdc-b9a1-47ac-a657-60582e930ab9&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D2bc818c6bd92abee%3AT%3D1692383017%3ART%3D1692383017%3AS%3DALNI_MYiHtqCiDwX2JRxhQ_TZyMPtjIN6Q&gpic=UID%3D00000c89542fe6a0%3AT%3D1692383017%3ART%3D1692383017%3AS%3DALNI_MZLM9zhujvzOBasYFGMVl8GepG0BA&abxe=1&dt=1692383017544&lmt=1692375817&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fs1.imgsed.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1983397052.1692383017&ga_sid=1692383017&ga_hid=1569427821&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuPGNz6AxSABSAghkEhkKCnB1YmNpZC5vcmcYyfKNz6AxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGLjxjc-gMUgAUgIIZBIXCghydGJob3VzZRjR843PoDFIAFICCGoSGQoKdWlkYXBpLmNvbRi38Y3PoDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOrzjc-gMUgAUgIIag..&dlt=1692383016320&idt=795&prev_scp=ti%3D27554e10-a27e-4947-a351-29af7700709f%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D73&adks=1021207636&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

980bd127e3a5b0595d5f52f466c6447d4fed944921838a1e0dc725564a1c347c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51124
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s1.imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame B440
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=imgsed.com&sn=ChromeSyncframe&so=0&topUrl=s1.imgsed.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=wSxV6XxTUTF4djZvS1Rnbk95M0ZDNFJIcjR1ZjA2MGxhZUtyTE9ueG95WHdxbGl1OHBPSndwT2FKWXRHK3haVkhpL0RrcllZWUZ3UDJuK2xhU3NFTE8vVm1lWXpPc1hHWDNpcWpGK0JaSHh0aU1JTHVPOGt4b0w3ZmpxdC...

433 B
659 B

195ms
52ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=wSxV6XxTUTF4djZvS1Rnbk95M0ZDNFJIcjR1ZjA2MGxhZUtyTE9ueG95WHdxbGl1OHBPSndwT2FKWXRHK3haVkhpL0RrcllZWUZ3UDJuK2xhU3NFTE8vVm1lWXpPc1hHWDNpcWpGK0JaSHh0aU1JTHVPOGt4b0w3ZmpxdC8wUjZuRXY1c0RVYVlrSVRLRHpPcGNpbG5kdjJEQTlwbXdvb00rdm5FQjhlRDlHS1h6RVB0elZoQmxESEhFRHV0ZFdydXd5NlBLVk5ERi9qMStVdVFudDFzNW8xWXJiRm1NOUdWeFVZbjdaRklPSXdOTlpocVl2aE5seUFmR0FEcVlPSDU4VXl1WDZqMzBMMXI3U1YwbGlXbW9aV2lRUT09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8f2369a9f8f7b343fcca8e103168213b99667438a20afed4715bd255d9342792

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1412748
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=wSxV6XxTUTF4djZvS1Rnbk95M0ZDNFJIcjR1ZjA2MGxhZUtyTE9ueG95WHdxbGl1OHBPSndwT2FKWXRHK3haVkhpL0RrcllZWUZ3UDJuK2xhU3NFTE8vVm1lWXpPc1hHWDNpcWpGK0JaSHh0aU1JTHVPOGt4b0w3ZmpxdC8wUjZuRXY1c0RVYVlrSVRLRHpPcGNpbG5kdjJEQTlwbXdvb00rdm5FQjhlRDlHS1h6RVB0elZoQmxESEhFRHV0ZFdydXd5NlBLVk5ERi9qMStVdVFudDFzNW8xWXJiRm1NOUdWeFVZbjdaRklPSXdOTlpocVl2aE5seUFmR0FEcVlPSDU4VXl1WDZqMzBMMXI3U1YwbGlXbW9aV2lRUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 223088
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 178ms
89ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308160101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdebd0f60d1e0d075bb74cce0776595d2bbdc54e455686357dfa7520e09db727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11816
x-xss-protection: 0

GET
H2 200 container.html Show response
80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9269 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s1.imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 18:23:37 GMT
expires: Sat, 17 Aug 2024 18:23:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
475 B 47ms
46ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.09&b=2&r=imgsed.com_auto_728x90_sticky_display_bottom&sy=91c3d23d-6872-4169-8ca8-2be6feb0fc93&ts=73&cd=2&pud=433&pus=c&pue=898&pid=137&pis=c&pie=1035&ppd=262&pps=a&ppe=1160&pcl=544&ttc=1161&tti=1835&ttif=0&lca=1160&lcak=ppe&lct=1160&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=s1.imgsed.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=27554e10-a27e-4947-a351-29af7700709f&e=lm&dsReferer=czEuaW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.12.3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H7VSJ51N59B4XHMBK7WEQ3YW
date: Fri, 18 Aug 2023 18:23:37 GMT
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ad1db80f733f09fb7341e247168edc22-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f8c3064acf535ec-FRA

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 69AF 624 B
827 B 171ms
82ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGIvL3d4BMAE&v=APEucNUWs-qd4MHHiLr9NdHRLTaTf-v9vBH46KGvYvKhzMbOvPdEqQvADBs9jdWIgpLOwfhfnG2ngiCtIU7HVFNUjtQds3SK8UoRmUEikdhDKtBEiioIvz09ebcqHZgGMDmpr8rzKvPlUlNYmFF9MqLlqT011Kyq3xsndmG2YUagGVusFHK0lAx1kCh_svdLDIuluP0cVZPA6qhp4Vq2zUVh-4UBFrw7jQ

Requested by

Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 18:23:37 GMT
expires: Fri, 18 Aug 2023 18:23:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9269 86 KB
30 KB 187ms
102ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 18 Aug 2023 18:23:37 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9269 42 B
110 B 229ms
144ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bec1JveIklPd5JCL8hhJPDglMhuX3bFEzhTJi5w29TqMmE6-FLlZ7LWH50zF64oeW_Zrz6aBgXkyUW2FV3QCnKNNnelKNA1IHbl3loCgD8WV-kar8

Requested by

Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9269 0
121 B 228ms
143ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8719736992913309194&x=1&ct=77

Requested by

Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 9269 3 KB
1 KB 144ms
44ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:47:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 9269 20 KB
8 KB 139ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:28:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9269 180 KB
57 KB 149ms
61ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Aug 2023 18:23:37 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 133ms
56ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Aug 2023 18:23:37 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame DAD8 222 KB
62 KB 177ms
42ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 15 Aug 2023 01:15:31 GMT
age: 320887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Aug 2024 01:15:31 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame DAD8 15 KB
5 KB 277ms
142ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 15 Aug 2023 01:15:23 GMT
age: 320895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Aug 2024 01:15:23 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame DAD8 94 KB
28 KB 264ms
130ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 15 Aug 2023 10:46:54 GMT
age: 286604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Aug 2024 10:46:54 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame DAD8 5 KB
2 KB 263ms
128ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Aug 2023 17:11:00 GMT
age: 349958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Aug 2024 17:11:00 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame DAD8 40 KB
13 KB 255ms
121ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Aug 2023 17:11:00 GMT
age: 349958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Aug 2024 17:11:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DAD8 6 KB
1 KB 146ms
56ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 18 Aug 2023 18:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 18:12:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Aug 2023 18:23:38 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DAD8 2 KB
3 KB 65ms
64ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: s1.imgsed.com
URL: https://s1.imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 21:26:59 GMT
x-content-type-options: nosniff
server: cafe
age: 75398
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 18 Aug 2023 21:26:59 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DAD8 295 B
424 B 41ms
41ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: s1.imgsed.com
URL: https://s1.imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 21:40:34 GMT
x-content-type-options: nosniff
server: cafe
age: 74583
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 18 Aug 2023 21:40:34 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
476 B 51ms
51ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.19&b=2&r=imgsed.com_fluid_sq_index&sy=91c3d23d-6872-4169-8ca8-2be6feb0fc93&ts=73&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=s1.imgsed.com&mlre=undefined&mlin=0&mlsi=500x280&mlbw=4g&mlcs=NaN&mltp=27554e10-a27e-4947-a351-29af7700709f&e=lm&dsReferer=czEuaW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.12.3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H7VSJ51N59B4XHMBK7WEQ3YW
date: Fri, 18 Aug 2023 18:23:37 GMT
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ad1db80f733f09fb7341e247168edc22-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f8c3065fedf35ec-FRA

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1862055059040537054/ Frame DAD8 5 KB
5 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1862055059040537054/14763004658117789537?w=200&h=200

Requested by

Host: s1.imgsed.com
URL: https://s1.imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bc24fedd6079aecd3ade0198ee618e3f46ccbb93e96cf7ffdd9069afef5da10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 23:49:22 GMT
x-content-type-options: nosniff
age: 412455
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4617
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 06:40:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 12 Aug 2024 23:49:22 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1397568167910786323/ Frame DAD8 21 KB
21 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1397568167910786323/14763004658117789537?w=400&h=209

Requested by

Host: s1.imgsed.com
URL: https://s1.imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acd7fa38882af3c7c6114604dce43d5778ad30730e8e8c9596f7666bf4d0fcc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 02:21:30 GMT
x-content-type-options: nosniff
age: 403327
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21317
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 06:40:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 02:21:30 GMT

GET
DATA 200
OK truncated
/ Frame DAD8 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DAD8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0aa562cf8286544570938258fff747aae28afdff8a9bcc1dd136799bcd0f14aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 69AF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTol1r-UvCMRpUd1S9U22Y&google_cver=1

43 B
766 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTol1r-UvCMRpUd1S9U22Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGIvL3d4BMAE&v=APEucNUWs-qd4MHHiLr9NdHRLTaTf-v9vBH46KGvYvKhzMbOvPdEqQvADBs9jdWIgpLOwfhfnG2ngiCtIU7HVFNUjtQds3SK8UoRmUEikdhDKtBEiioIvz09ebcqHZgGMDmpr8rzKvPlUlNYmFF9MqLlqT011Kyq3xsndmG2YUagGVusFHK0lAx1kCh_svdLDIuluP0cVZPA6qhp4Vq2zUVh-4UBFrw7jQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 18:23:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTol1r-UvCMRpUd1S9U22Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 69AF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN.3Ki9fLkV.-8Tz6vqicAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIq8i7wMJbLvDJqJhoMEFyY&google_cver=1&google_hm=2

43 B
766 B

47ms
47ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIq8i7wMJbLvDJqJhoMEFyY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGIvL3d4BMAE&v=APEucNUWs-qd4MHHiLr9NdHRLTaTf-v9vBH46KGvYvKhzMbOvPdEqQvADBs9jdWIgpLOwfhfnG2ngiCtIU7HVFNUjtQds3SK8UoRmUEikdhDKtBEiioIvz09ebcqHZgGMDmpr8rzKvPlUlNYmFF9MqLlqT011Kyq3xsndmG2YUagGVusFHK0lAx1kCh_svdLDIuluP0cVZPA6qhp4Vq2zUVh-4UBFrw7jQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 18:23:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIq8i7wMJbLvDJqJhoMEFyY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 69AF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF2Q5aeglcezpwiBSBSC57c&google_cver=1

43 B
838 B

58ms
58ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF2Q5aeglcezpwiBSBSC57c&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGIvL3d4BMAE&v=APEucNUWs-qd4MHHiLr9NdHRLTaTf-v9vBH46KGvYvKhzMbOvPdEqQvADBs9jdWIgpLOwfhfnG2ngiCtIU7HVFNUjtQds3SK8UoRmUEikdhDKtBEiioIvz09ebcqHZgGMDmpr8rzKvPlUlNYmFF9MqLlqT011Kyq3xsndmG2YUagGVusFHK0lAx1kCh_svdLDIuluP0cVZPA6qhp4Vq2zUVh-4UBFrw7jQ

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
an-x-request-uuid: cb77a8e7-9403-4988-b003-3cd5bc4401c2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.100; 80.255.7.100; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF2Q5aeglcezpwiBSBSC57c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 69AF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg2NjYzMTMzMTA0Nzg2Mg%3D%3D

170 B
243 B

53ms
50ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg2NjYzMTMzMTA0Nzg2Mg%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
an-x-request-uuid: e24815d1-5aee-49d4-a7ac-4b91d71a3558
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg2NjYzMTMzMTA0Nzg2Mg%3D%3D
x-proxy-origin: 80.255.7.100; 80.255.7.100; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 25C1 13 KB
5 KB 42ms
41ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s1.imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1454
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:59:23 GMT
expires: Sat, 17 Aug 2024 17:59:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9247 829 B
1 KB 145ms
49ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

374df3a964ce9ddb2087346324f6e1b2c6eca94fba46e0b5435b3dbee33628ca

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AlRTjBvLLszKLfed6nTMUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s1.imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-AlRTjBvLLszKLfed6nTMUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 18:23:38 GMT
expires: Fri, 18 Aug 2023 18:23:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9269 0
56 B 145ms
143ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9024556615216&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9269 0
56 B 145ms
144ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9024556615216&version=m202307240101&ct=77&x=1&cor=8719736992913310000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9269 29 KB
17 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DtJNEpbT_IqoeTVPr0Fr1o9tyLTt4ZcVagPhLaTEcvecuzyLw0_mg2YPtN4SlZr3Oe4ArZsz-XpCmEB3N9MgWXlTyMTpJDjrOrGLM6sj_Mb2XPLEQ8tzBWL6BzbT-AyUuce86sklqb-eO91VOZRPJ3rXhCf77Fd33r6ggVu_L-1iWc-z0&cry=1&dbm_d=AKAmf-CYa_e2SVGfHrZ9iBOT3Eu9r2Foy28EHp9S-GUIrGBLvUl8sqTmK_HsesHVMzoKYnIS2JzVOCgX11z61dFtyxhyrDcBTlnFwjKH8iAE0dK2qB_9t7Dp1XjjugjXm8KaVZ9FXqiQsKgjuGxaqlNWlDopFOGO365y8PyNZprbyU2s4oR4TdkPBc2XarTbaCJ9F-BwajBDadthc73c3vA3tkEnlKrd8P8-6S1ow7jP0UBlBJcFE6ypi4B_Z-x0n4q7R0v669Cb0ImYx_szIDiY-lHmJAa_n4qiiDR0oORHkFZnx5TGOngws-9vsmo3dTFQB5UbNB3fpIcgkyF-idvqZJS7dmYqUozd23NoZ1Fne5cpGJgPSYUtCl3DSHZf5_yF34a5ym9yjcif2zEoYLZX-l5vDjo0QGTEEPIsUGQhrSDW5ep2-YhVJsqMRSaAQEMYGAwSVpdsI0wNywKIobfR0khKZkjIec7Gn1WOxG6U5HALXM522mIU3cQl1ctxbDnBXYVec16NFfPGDaWcNOsuxBege_35YdOwfqn-rbf9CEhL7j8Tvqey0DaQv_ZQ2nAI74U87xkRN7rHHwO1ZXe5-h6uzie0w9ZFyuogCbsCXwsLApiXkDcWsKqsMZzrsMeAb6d1DUfTlvQTSlldV-YM5So-Io_glWzkB49OdzZ1JlTpwi2fEX0YLsQ2mvrJWe3EyE-kltzM-E1kcxQ6THyiN3KjSttxflJNY7ybG9P__ae-ZH61mp_FyPUd3_TENRxbCDpmEDqcQ5K5UaN08BcGryLEvFU-v_E4bUVNmNloP0vHdwfJ9eCQG7m1LO5E2O5-uL6hUsjqbl9r8EOE3NMF575MkzptYrJbfdV_Dc2HmyFhJ4HsAAgYZzgC_D1oiQNqq_nuRNZR-mD0q32V3Hlg9eExw7_P7dt_eKcJm8QBHHCRVN6OwWdM3aBLfrrUFSAZYJvYzPF-aBFW3J9ZXSFlFwztEvxmb7tWjCPjkORWXrCyHKY_ES3Raxm7aVotHRzYgNVwyiRlYT4Vp2cRSGgyB8DDl-vYiqNYmI6nFNfsbfMt2GR8DdbmTHCKmHSLMch_ggqCbRJot4hFL6WaQG7yM8jZFC0QEk08z3Fm5xartL3rXSIFY92bhBSj2zMEExCmrUK2jPcIHksXszEIo1yjsF-8YQvLS_z6wIfXyQwr0-BRgZB5EgZVauCYKVk3Ak0RsBv2JAaB4cEl4sy7TH8hkf_WGxF90h-Og-V38I7PpdVrHxsoGwVFTdl1cg4_7oh8FFyDr17L_BmjBUZ8xUqP2ee1f8hAu4CvBH-PSIgkYY4PBVPAXSPgff6_RAkD6y72O-ZCUI2VSdGrgVzX21gECJ9IOfMe23VZVY86CMZY4VMJCNhf47V6dAmxvaa7sI2IkCIr6-6zJ9UGfmJ2x-NJP7I5OPAtZxggA0RIA5uWEgXh5Fjh7A8yHqTl0Uuzy7Qwt0twzL9Jyb7qnUAFaXBd4wmxlrwpsoB9MYMxJSqPzC7ygaZWCQ3rrOCII9ojd-AXHcNs994L-HZ31QbinjxkypLoBDsvB_JnSdILfqb5ayWC6Ko1igJN5gHtv71vsFywsRYhBKcRg-X7IrIkYQY_VrvdUgEyc8169KIpXfGEPbL1S7s6AU9_Uc3GGQCDwdaJPuXa3dPI8roCMjIiDqK0sGSVPVSrbtA9nMlITl4xkGOPOKccjF2Q4Ay48vBFrHSGwG5EvYI1hHS15lN-sXsMntBn-QtkUZ-gDEW9ML0ufF9f9L_pQO_I1btvjTy9hRdKLHsCvRSUxRD_-U4cp2-aeHbHfUHchaa901seB1WOAp79eX6i5vaX7qN5vzkn_Luh4_u-GiYCPLRP0Kj1lFVkDkdQ_IzMCib6lFZwDKCzCxQYehGQLRPK82Wxt6puMWNiDEvm_lo-6ajCXDskiWgyVMwgp1eWpwK_E4OHT_kLZL_xiViXG_ic3e7wDTAvlMre2Kb3uToaVX_z_nh_v7KIne8Pk57WDqxuAT7z0SA0O5YyjRpbqxalBMQ7ef4wBfgEVlVw_VS2NsC-DLJz4LdBVrRnYwA7i94E96ZHXda9u-lfbP1WVXw2xhgLPEvBg28hjX0GTFxSR9hwcsq_C89f6H-uociGPkNXy4E5iZor6iNIumdsh3VRUC8em-7uTda_HwUuPeN66bx2PiPk_9rzrReJlBGR3JgDxAe8CybCtJHqKc21ReI_wQrJepM_mysy6T-xBxHRXlxcuWKAXjjSukIvSRM0emSpFLjq_whKilYy-TnjX5yrgNV8da8bW0dL14wS8WZBPWOB-xZxtf3Q7zNP6myRfY2x25juPdjgy58ZvfD3rLLokzMLyxCT0AqFo5kY8Vj3xY4NfuS0osLnZZhk9Y33uM2KsgPtNGcUJyD29cYNggAIQSxVyxM4St1EPAzZiNyB9Qqd6AvZcj9ixY-6mX47gJKn4ffaeEoJLRIwlX_DWrBb_85F8pxFccQu7l525YXTdPFMzISil6IfNrxlQWg8-SUOUT0y9HWjIGRZCKbSW7-_v6gyanop75nwXVAcpl-HpHZ9fjlTnvhK_Zi1aQiLkgps10df1vVfsA6Sc8VwBGJhAt5GVzXt6g5sCa6SGcBWaCoChFHWt7kgmV53JFAKhLbcrqm-KKfBppPklW8HRAYjhMMM7SJTeYspxfO5KN6odkNUFPzQS_Nacd6mmbxz_4WvyGnYH0G_C8o4-AhOqf_RX1B3b8kLpgH64z26M1ILNarXMUITIsa9qhOziXB4yZL1KlM-twnzcsoX7w8xKSYEr-r-HLYCNqqs1_I52sDy3_rCKZicXZwRODdqJvwHeSza7OaCInemxaFNLud3vOYlmDTl34lg_RgHaGOhnnxrUEYfw9T5Mba7chJKsBQnAWROsP4iDNlYrZ1SX3BSVRxJoTe7L-9IflJ5o6R-t7w7EnDbAtMUWoJzWYvGgeR897NmI-EoUIpch3ONlT8l97-fc-nIiiaxWcVKv8vD6N8qzOWriKnncGAmIU-MjlLvEb7Y1xnwrjCJWdSMc_WCouyCwFsNikQqeLxeTgZV1BTFymY1fH-k3DcM7lCgvqYo8_0ytNvcac9gWeD1LNJFlXyMdeOhXJJeYV2BQhk7MVrF0QrIoM-VXgFq9F412Wfs8MJO48mZtsE-ABegRlHmeSfTKz7HeJbHKWXVHBrR0kVxhfp1bEwLJlSrfplv_OmKkWz7FO1SjR7KAEedjNIyfBu0x0cu_VefKbg474T2PP1X2mOhzRGkXODoolFGsGQeAmldt7b94hCrZZkDNdTTvvuaiWyp05VVAdKfrQpZ7hGpMgFbFxEw7AAcfX3m2zLsz1rqSORqh6mZebMShbIZOpac7hGINZxnJLs3wM4Shx6PEJyml37Nnh-qPlADg7BNoc1K0zxyXigJv8LPE89H7YCnv3sQQntkqkbJrNwfnrLhBtsdIrQeSwoschc9Cr9xgpu-XeRsEC_tBPbZXHbkEd7A3A0te6N7XVHJVs_e_7NRornSmR0QopCNE89ykYbBT7Tr_FJvRd-7jGpFRfML-gIFDVyS5OE4rp4XklYkxM_DbjjTXLhbSjX_kJVLzZZhBA&cid=CAQSTABpAlJWcNgbjFBLae0VVJoOD3m-3MJc0Twde2G4My3ke2k7Exud2JT2Ck2B6Ou76xmQC-hPvTrTXotqess-jUQvEpea78Q231G7p_EYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fs1.imgsed.com%2F&ds=l&xdt=1&iif=1&cor=8719736992913310000&adk=2923430907&idt=229&cac=0&dtd=37

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0f6b3fcbd0b6b05a3492ac839426570856601ac1a6d56ab22d5bef14166ea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17560
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 25C1 37 KB
15 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Aug 2024 13:43:15 GMT

GET
H3 200 container.html Show response
80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 60D9 6 KB
3 KB 45ms
44ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308160101/pubads_impl.js?cb=31077164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s1.imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 18:23:37 GMT
expires: Sat, 17 Aug 2024 18:23:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
475 B 155ms
155ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=1.32&b=2&r=imgsed.com_auto_interstitial_desktop&sy=91c3d23d-6872-4169-8ca8-2be6feb0fc93&ts=73&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=s1.imgsed.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=27554e10-a27e-4947-a351-29af7700709f&e=lm&dsReferer=czEuaW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.12.3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H7VSJ51N59B4XHMBK7WEQ3YW
date: Fri, 18 Aug 2023 18:23:38 GMT
cf-cache-status: HIT
age: 2
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ad1db80f733f09fb7341e247168edc22-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f8c3066f84f35ec-FRA

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DAD8 15 KB
16 KB 132ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s1.imgsed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 535579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 13:37:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DAD8 15 KB
15 KB 140ms
51ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s1.imgsed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 10843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 15:22:55 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 9269 30 KB
11 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DtJNEpbT_IqoeTVPr0Fr1o9tyLTt4ZcVagPhLaTEcvecuzyLw0_mg2YPtN4SlZr3Oe4ArZsz-XpCmEB3N9MgWXlTyMTpJDjrOrGLM6sj_Mb2XPLEQ8tzBWL6BzbT-AyUuce86sklqb-eO91VOZRPJ3rXhCf77Fd33r6ggVu_L-1iWc-z0&cry=1&dbm_d=AKAmf-CYa_e2SVGfHrZ9iBOT3Eu9r2Foy28EHp9S-GUIrGBLvUl8sqTmK_HsesHVMzoKYnIS2JzVOCgX11z61dFtyxhyrDcBTlnFwjKH8iAE0dK2qB_9t7Dp1XjjugjXm8KaVZ9FXqiQsKgjuGxaqlNWlDopFOGO365y8PyNZprbyU2s4oR4TdkPBc2XarTbaCJ9F-BwajBDadthc73c3vA3tkEnlKrd8P8-6S1ow7jP0UBlBJcFE6ypi4B_Z-x0n4q7R0v669Cb0ImYx_szIDiY-lHmJAa_n4qiiDR0oORHkFZnx5TGOngws-9vsmo3dTFQB5UbNB3fpIcgkyF-idvqZJS7dmYqUozd23NoZ1Fne5cpGJgPSYUtCl3DSHZf5_yF34a5ym9yjcif2zEoYLZX-l5vDjo0QGTEEPIsUGQhrSDW5ep2-YhVJsqMRSaAQEMYGAwSVpdsI0wNywKIobfR0khKZkjIec7Gn1WOxG6U5HALXM522mIU3cQl1ctxbDnBXYVec16NFfPGDaWcNOsuxBege_35YdOwfqn-rbf9CEhL7j8Tvqey0DaQv_ZQ2nAI74U87xkRN7rHHwO1ZXe5-h6uzie0w9ZFyuogCbsCXwsLApiXkDcWsKqsMZzrsMeAb6d1DUfTlvQTSlldV-YM5So-Io_glWzkB49OdzZ1JlTpwi2fEX0YLsQ2mvrJWe3EyE-kltzM-E1kcxQ6THyiN3KjSttxflJNY7ybG9P__ae-ZH61mp_FyPUd3_TENRxbCDpmEDqcQ5K5UaN08BcGryLEvFU-v_E4bUVNmNloP0vHdwfJ9eCQG7m1LO5E2O5-uL6hUsjqbl9r8EOE3NMF575MkzptYrJbfdV_Dc2HmyFhJ4HsAAgYZzgC_D1oiQNqq_nuRNZR-mD0q32V3Hlg9eExw7_P7dt_eKcJm8QBHHCRVN6OwWdM3aBLfrrUFSAZYJvYzPF-aBFW3J9ZXSFlFwztEvxmb7tWjCPjkORWXrCyHKY_ES3Raxm7aVotHRzYgNVwyiRlYT4Vp2cRSGgyB8DDl-vYiqNYmI6nFNfsbfMt2GR8DdbmTHCKmHSLMch_ggqCbRJot4hFL6WaQG7yM8jZFC0QEk08z3Fm5xartL3rXSIFY92bhBSj2zMEExCmrUK2jPcIHksXszEIo1yjsF-8YQvLS_z6wIfXyQwr0-BRgZB5EgZVauCYKVk3Ak0RsBv2JAaB4cEl4sy7TH8hkf_WGxF90h-Og-V38I7PpdVrHxsoGwVFTdl1cg4_7oh8FFyDr17L_BmjBUZ8xUqP2ee1f8hAu4CvBH-PSIgkYY4PBVPAXSPgff6_RAkD6y72O-ZCUI2VSdGrgVzX21gECJ9IOfMe23VZVY86CMZY4VMJCNhf47V6dAmxvaa7sI2IkCIr6-6zJ9UGfmJ2x-NJP7I5OPAtZxggA0RIA5uWEgXh5Fjh7A8yHqTl0Uuzy7Qwt0twzL9Jyb7qnUAFaXBd4wmxlrwpsoB9MYMxJSqPzC7ygaZWCQ3rrOCII9ojd-AXHcNs994L-HZ31QbinjxkypLoBDsvB_JnSdILfqb5ayWC6Ko1igJN5gHtv71vsFywsRYhBKcRg-X7IrIkYQY_VrvdUgEyc8169KIpXfGEPbL1S7s6AU9_Uc3GGQCDwdaJPuXa3dPI8roCMjIiDqK0sGSVPVSrbtA9nMlITl4xkGOPOKccjF2Q4Ay48vBFrHSGwG5EvYI1hHS15lN-sXsMntBn-QtkUZ-gDEW9ML0ufF9f9L_pQO_I1btvjTy9hRdKLHsCvRSUxRD_-U4cp2-aeHbHfUHchaa901seB1WOAp79eX6i5vaX7qN5vzkn_Luh4_u-GiYCPLRP0Kj1lFVkDkdQ_IzMCib6lFZwDKCzCxQYehGQLRPK82Wxt6puMWNiDEvm_lo-6ajCXDskiWgyVMwgp1eWpwK_E4OHT_kLZL_xiViXG_ic3e7wDTAvlMre2Kb3uToaVX_z_nh_v7KIne8Pk57WDqxuAT7z0SA0O5YyjRpbqxalBMQ7ef4wBfgEVlVw_VS2NsC-DLJz4LdBVrRnYwA7i94E96ZHXda9u-lfbP1WVXw2xhgLPEvBg28hjX0GTFxSR9hwcsq_C89f6H-uociGPkNXy4E5iZor6iNIumdsh3VRUC8em-7uTda_HwUuPeN66bx2PiPk_9rzrReJlBGR3JgDxAe8CybCtJHqKc21ReI_wQrJepM_mysy6T-xBxHRXlxcuWKAXjjSukIvSRM0emSpFLjq_whKilYy-TnjX5yrgNV8da8bW0dL14wS8WZBPWOB-xZxtf3Q7zNP6myRfY2x25juPdjgy58ZvfD3rLLokzMLyxCT0AqFo5kY8Vj3xY4NfuS0osLnZZhk9Y33uM2KsgPtNGcUJyD29cYNggAIQSxVyxM4St1EPAzZiNyB9Qqd6AvZcj9ixY-6mX47gJKn4ffaeEoJLRIwlX_DWrBb_85F8pxFccQu7l525YXTdPFMzISil6IfNrxlQWg8-SUOUT0y9HWjIGRZCKbSW7-_v6gyanop75nwXVAcpl-HpHZ9fjlTnvhK_Zi1aQiLkgps10df1vVfsA6Sc8VwBGJhAt5GVzXt6g5sCa6SGcBWaCoChFHWt7kgmV53JFAKhLbcrqm-KKfBppPklW8HRAYjhMMM7SJTeYspxfO5KN6odkNUFPzQS_Nacd6mmbxz_4WvyGnYH0G_C8o4-AhOqf_RX1B3b8kLpgH64z26M1ILNarXMUITIsa9qhOziXB4yZL1KlM-twnzcsoX7w8xKSYEr-r-HLYCNqqs1_I52sDy3_rCKZicXZwRODdqJvwHeSza7OaCInemxaFNLud3vOYlmDTl34lg_RgHaGOhnnxrUEYfw9T5Mba7chJKsBQnAWROsP4iDNlYrZ1SX3BSVRxJoTe7L-9IflJ5o6R-t7w7EnDbAtMUWoJzWYvGgeR897NmI-EoUIpch3ONlT8l97-fc-nIiiaxWcVKv8vD6N8qzOWriKnncGAmIU-MjlLvEb7Y1xnwrjCJWdSMc_WCouyCwFsNikQqeLxeTgZV1BTFymY1fH-k3DcM7lCgvqYo8_0ytNvcac9gWeD1LNJFlXyMdeOhXJJeYV2BQhk7MVrF0QrIoM-VXgFq9F412Wfs8MJO48mZtsE-ABegRlHmeSfTKz7HeJbHKWXVHBrR0kVxhfp1bEwLJlSrfplv_OmKkWz7FO1SjR7KAEedjNIyfBu0x0cu_VefKbg474T2PP1X2mOhzRGkXODoolFGsGQeAmldt7b94hCrZZkDNdTTvvuaiWyp05VVAdKfrQpZ7hGpMgFbFxEw7AAcfX3m2zLsz1rqSORqh6mZebMShbIZOpac7hGINZxnJLs3wM4Shx6PEJyml37Nnh-qPlADg7BNoc1K0zxyXigJv8LPE89H7YCnv3sQQntkqkbJrNwfnrLhBtsdIrQeSwoschc9Cr9xgpu-XeRsEC_tBPbZXHbkEd7A3A0te6N7XVHJVs_e_7NRornSmR0QopCNE89ykYbBT7Tr_FJvRd-7jGpFRfML-gIFDVyS5OE4rp4XklYkxM_DbjjTXLhbSjX_kJVLzZZhBA&cid=CAQSTABpAlJWcNgbjFBLae0VVJoOD3m-3MJc0Twde2G4My3ke2k7Exud2JT2Ck2B6Ou76xmQC-hPvTrTXotqess-jUQvEpea78Q231G7p_EYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fs1.imgsed.com%2F&ds=l&xdt=1&iif=1&cor=8719736992913310000&adk=2923430907&idt=229&cac=0&dtd=37

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 14:24:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9269 41 KB
13 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 13:42:08 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 60D9 4 KB
744 B 52ms
51ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 18 Aug 2023 18:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 16:53:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Aug 2023 18:23:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D339 6 KB
779 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: s1.imgsed.com
URL: https://s1.imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 18 Aug 2023 18:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 18:06:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Aug 2023 18:23:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame D339 2 KB
892 B 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: s1.imgsed.com
URL: https://s1.imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:28:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame D339 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Host: s1.imgsed.com
URL: https://s1.imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:47:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame D339 3 KB
1 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: s1.imgsed.com
URL: https://s1.imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:47:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8A00 1 KB
643 B 45ms
43ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: s1.imgsed.com
URL: https://s1.imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36444
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Sat, 19 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame D339 20 KB
8 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: s1.imgsed.com
URL: https://s1.imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:28:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D339 180 KB
56 KB 57ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s1.imgsed.com
URL: https://s1.imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Aug 2023 18:23:38 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame D339 35 KB
15 KB 133ms
39ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: s1.imgsed.com
URL: https://s1.imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 00:17:18 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame 60D9 20 KB
8 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 14:51:25 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 60D9 205 B
296 B 136ms
50ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:55:22 GMT
x-content-type-options: nosniff
age: 228496
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 15 Aug 2024 02:55:22 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 60D9 604 B
920 B 135ms
49ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:17:37 GMT
x-content-type-options: nosniff
age: 248761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 14 Aug 2024 21:17:37 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 9269 43 KB
18 KB 179ms
77ms Script
application/javascript 5.9.137.180
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.9.137.180 Tuttlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.180.137.9.5.clients.your-server.de
Software: nginx /
Resource Hash: 9260c08a529a83cdb2d978e829b597e3819152723e7b686bedb4d293acc34904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Fri, 18 Aug 2023 18:23:38 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Fri, 18 Aug 2023 21:23:38 GMT

GET
DATA 200
OK truncated
/ Frame 9269 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a3f3c2e081950ab42051d5cf3e2dfda2c86f130efdfd007954e9d1445d8976c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9247 0
0 140ms
140ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308160101&jk=549134298114104&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DAD8 2 KB
2 KB 40ms
40ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 21:26:59 GMT
x-content-type-options: nosniff
server: cafe
age: 75399
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 18 Aug 2023 21:26:59 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DAD8 295 B
319 B 39ms
39ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 21:40:34 GMT
x-content-type-options: nosniff
server: cafe
age: 74584
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 18 Aug 2023 21:40:34 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A00
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDMKoCvIkSoxmZOUKd0Sc18&google_push=AXcoOmTfQzPkgP_ClOmHmVZl0oSFzdC6YluXeKRbVdf74ld3ylqb52Vg3N...

170 B
188 B

51ms
50ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDMKoCvIkSoxmZOUKd0Sc18&google_push=AXcoOmTfQzPkgP_ClOmHmVZl0oSFzdC6YluXeKRbVdf74ld3ylqb52Vg3NgJ2jdm5fNKTFJWP_Lj7nX6mcEcO_8NYq8FrotOseGKQg

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230024-FRA
pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1692383019.518863,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDMKoCvIkSoxmZOUKd0Sc18&google_push=AXcoOmTfQzPkgP_ClOmHmVZl0oSFzdC6YluXeKRbVdf74ld3ylqb52Vg3NgJ2jdm5fNKTFJWP_Lj7nX6mcEcO_8NYq8FrotOseGKQg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A00
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEGjHLQrcC2L0Tkpo8j8KECQ&google_cver=1&google_push=AXcoOmSF-EG8NC9e5pbr45SGz7zaVT0ZLMESzxFyox1Vi8ewTG6w_eirm8q2kKrvVTLvsQUhSPzwq5IDxZ6...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSF-EG8NC9e5pbr45SGz7zaVT0ZLMESzxFyox1Vi8ewTG6w_eirm8q2kKrvVTLvsQUhSPzwq5IDxZ6N7gVXSr2n00cNgQ9Bxg

170 B
188 B

51ms
50ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSF-EG8NC9e5pbr45SGz7zaVT0ZLMESzxFyox1Vi8ewTG6w_eirm8q2kKrvVTLvsQUhSPzwq5IDxZ6N7gVXSr2n00cNgQ9Bxg

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSF-EG8NC9e5pbr45SGz7zaVT0ZLMESzxFyox1Vi8ewTG6w_eirm8q2kKrvVTLvsQUhSPzwq5IDxZ6N7gVXSr2n00cNgQ9Bxg
Date: Fri, 18 Aug 2023 18:23:38 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A00
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFInG5xPgFOY2sw24I98Obw&google_cver=1&google_push=AXcoOmRBz5G94pRWxrurky05nbnV1f6R9MqLSOb3Fn2qBeGx6VLmroyqD-HG3zPhJh5xCCUYyuTT-pFd...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFInG5xPgFOY2sw24I98Obw&google_cver=1&google_push=AXcoOmRBz5G94pRWxrurky05nbnV1f6R9MqLSOb3Fn2qBeGx6VLmroyqD-HG3zPhJh5xCCUYyuT...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjExMjU0ODU0MDIwMjQzOTk2&google_push=AXcoOmRBz5G94pRWxrurky05nbnV1f6R9MqLSOb3Fn2qBeGx6VLmroyqD-HG3zPhJh5xCCUYyuTT-pFd...

170 B
188 B

51ms
51ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjExMjU0ODU0MDIwMjQzOTk2&google_push=AXcoOmRBz5G94pRWxrurky05nbnV1f6R9MqLSOb3Fn2qBeGx6VLmroyqD-HG3zPhJh5xCCUYyuTT-pFdXWA3jFfG1q_oVa3yx5S5OQ

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjExMjU0ODU0MDIwMjQzOTk2&google_push=AXcoOmRBz5G94pRWxrurky05nbnV1f6R9MqLSOb3Fn2qBeGx6VLmroyqD-HG3zPhJh5xCCUYyuTT-pFdXWA3jFfG1q_oVa3yx5S5OQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A00
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECa8L8R6GfhbI1YXuunP-GI&google_cver=1&google_push=AXcoOmRSsXV59N3BXbUXj-FiiXdhGPNsgYm1v0daPnc81AL7HkcAj2L6-vOM-UtQumomLB_pDNDvjlhzmIEbD...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECa8L8R6GfhbI1YXuunP-GI&google_push=AXcoOmRSsXV59N3BXbUXj-FiiXdhGPNsgYm1v0daPnc81AL7HkcAj2L6-vOM-UtQumomLB_pDNDvjlhzmIEbD...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRSsXV59N3BXbUXj-FiiXdhGPNsgYm1v0daPnc81AL7HkcAj2L6-vOM-UtQumomLB_pDNDvjlhzmIEbD0miDfn8jtLAVvGd7Q&google_hm=NnpQbVFiV1ZMQ3ZVeW...

170 B
188 B

49ms
49ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRSsXV59N3BXbUXj-FiiXdhGPNsgYm1v0daPnc81AL7HkcAj2L6-vOM-UtQumomLB_pDNDvjlhzmIEbD0miDfn8jtLAVvGd7Q&google_hm=NnpQbVFiV1ZMQ3ZVeWFnZGNBTWc=

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 18:23:39 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRSsXV59N3BXbUXj-FiiXdhGPNsgYm1v0daPnc81AL7HkcAj2L6-vOM-UtQumomLB_pDNDvjlhzmIEbD0miDfn8jtLAVvGd7Q&google_hm=NnpQbVFiV1ZMQ3ZVeWFnZGNBTWc=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 238
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A00
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEDalbauWNnXz3gMVa_ZGPxA&google_cver=1&google_push=AXcoOmRpJdy3RxR7pFpm3p70ZQNEZwyhTvznr-RG7h-o6JzSJ1FSDRfkJ_t1HfFdjlVZiRFbRgojvnRvol5Sq9cxYfx9lpYGbB-8bw
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRpJdy3RxR7pFpm3p70ZQNEZwyhTvznr-RG7h-o6JzSJ1FSDRfkJ_t1HfFdjlVZiRFbRgojvnRvol5Sq9cxYfx9lpYGbB-8bw&google_hm=M203aUx5eUdHRHlzY3...

170 B
188 B

50ms
49ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRpJdy3RxR7pFpm3p70ZQNEZwyhTvznr-RG7h-o6JzSJ1FSDRfkJ_t1HfFdjlVZiRFbRgojvnRvol5Sq9cxYfx9lpYGbB-8bw&google_hm=M203aUx5eUdHRHlzY3I1RzR3TUU=

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRpJdy3RxR7pFpm3p70ZQNEZwyhTvznr-RG7h-o6JzSJ1FSDRfkJ_t1HfFdjlVZiRFbRgojvnRvol5Sq9cxYfx9lpYGbB-8bw&google_hm=M203aUx5eUdHRHlzY3I1RzR3TUU=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H/1.1 200
OK pub
cs.chocolateplatform.com/ Frame 8A00 0
134 B 484ms
111ms Image
text/plain 159.203.145.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEKKdLIHOh7MeXPxD7jFAmxw&google_cver=1&google_push=AXcoOmTHfktC0Rcjvb19xffPMW6Mtx3TDUPshY6dL3GwmdI92MRtaGVkn3qEqYaWpGd40geDiccqiTaTYjL6mLzbE1YhYC9XbvV-lw
Requested by: Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: CookieSync Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 18 Aug 2023 18:23:38 GMT
server: CookieSync Server
content-length: 0

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 8A00 0
35 B 149ms
41ms Image
text/plain 52.58.1.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESECks0tNF9wQA-4VWOhW-2-c&google_cver=1&google_push=AXcoOmSVj4Rnyj28QeJeg9PvDQmkOCYJkzzvwHf_a1eNJPYqXPWdD8MNBeJlfBAyCIkYcH8jv005vx9FZ-OEXjL7eyQYZHYyVxEA5o4
Requested by: Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.1.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-1-69.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:38 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8A00 0
12 B 48ms
47ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KGe1KC34wHlhqvrjFWWkBKAgivmfcj5ogD7MdTQARyaZLECNxJPLqK_TEXNXbmIEkpLKHT6A

Requested by

Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9477 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DAD8 0
0 86ms
85ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBi5SKbffZL3-Hoii-waFpr4gmM-fuXLR8p6Z-BGkhZPAsAEQASCVm8ohYJWCgICQB6AB4IKjrCnIAQmpAvxqb-QeN7I-4AIAqAMByAMKqgTiAU_QNtOSWdn4fNcm7O11E_af8JVqhbOdWhYqzevOYgH4amtZxExGZB9ffQOREexS6Mhf5yXNQtumfjZoY-OhuXvzVVDw48IicNLJeEHMuiNuHOHDsK6nZYDhSZC-QwxJZJX4ZpgO3ab9Tctb08iZMK1LUCJLMi0gxiL5DxaXOZ2M1JenyqWpfCX5vOrRzF_U8U5L2dL5p5cv-uwM6pNvGd5SAsRUqVjRH0xXDpONPvpVcu4_ArTAJV86Vicqhi1o4RLDwvINsL9ymNNpCjuTlS5u3KAS3xsTev9UTu2_t94zB_PABPHPuZjEBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfguvOLBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIfPEtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCf4CaHR0cHM6Ly93d3cubWF6ZGEtYXV0b2hhdXMta29lbmlnLWZyYW5rZnVydC5kZS9iZXJhdHVuZy11bmQta2F1Zi9tYXpkYS1tb2RlbGxlL2FrdHVlbGxlLW1vZGVsbGUvbWF6ZGEtY3gtNjAvP3V0bV9pZD0xLTM1NzQ5NDc5OTI0NSZ1dG1fc291cmNlPWdvb2dsZWFkcyZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPW1tZF9wZG1fY3g2MF90b3dpbmdfZGVhbGVyX2RlXzE1OF8wODIzJmNhbXBhaWduX2ZvY3VzPW1hemRhY3g2MF81d2duJnV0bV90ZXJtPTExNDA4JmNhbXBhaWduY29kZT1tbWRfcGRtX2N4NjBfdG93aW5nX2RlYWxlcl9kZV8xNThfMDgyMyZtY3BfaWQ9MjY4MTQtMV8xMTQwOCZtX2NhbXBhaWduPWN4LTYwX3Rvd2luZyZ1dG1fY29udGVudD1wZmVyZIAKA8gLAbgT5APYEwKIFAHQFQGAFwGyFx4KHAgAEhRwdWItNzUwNzQzOTIzMzg2NTQxNRj9-RM&sigh=JUCyOn7qfbI&uach_m=[]&ase=2&cid=CAQSTABpAlJWykl8dTn9D3vEFkxQWNh6CVpzdFMBR4CjafoXRLaiqcZ7uMlmfW-3XmcU-Tfl5Z-6Kouw45Z0cXmYxGKDk0o7aL5MippA62UYAQ&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 25C1 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Yu_Neg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame EBF0 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: s1.imgsed.com
URL: https://s1.imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Aug 2024 13:43:15 GMT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.1/modules/ Frame 9269 20 KB
7 KB 198ms
49ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.1/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: df0cfed8068fc1d852e4b9e1463d565d9dcb076efd45d7d5edef9e1a03fbd9cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:38 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2023 15:25:23 GMT
server: ECS (frb/67A8)
age: 25
etag: "64b01763-4ef0+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7290
expires: Fri, 18 Aug 2023 18:33:38 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame 1F2E 2 KB
1 KB 185ms
45ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E0) /
Resource Hash: a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989

Request headers

Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 30
cache-control: max-age=600
content-encoding: gzip
content-length: 943
content-type: text/html
date: Fri, 18 Aug 2023 18:23:38 GMT
etag: "63e39f32-744+gzip"
expires: Fri, 18 Aug 2023 18:33:38 GMT
last-modified: Wed, 08 Feb 2023 13:10:10 GMT
server: ECS (frb/67E0)
vary: Accept-Encoding
x-cache: HIT

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9477 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Aug 2024 13:43:15 GMT

GET
H2 200 tag236618 Show response
ads.revjet.com/ Frame 9269 261 KB
37 KB 56ms
55ms Script
text/javascript 5.9.137.180
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236618?_plc_id=111756827&_key=5e0&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDpaXKbffZLuHEazJ-waogZGYB8Djlexx8MHzpfQRwIOA7JACEAEglZvKIWCVgoCAkAegAbmskIspyAEJqQILs85A8zyyPqgDAcgDmwSqBPMBT9BFihb9tnv3Dqb2yM5C147FtRQeSLEick_098c6YonXVzVaKsDRFq5KRuVgU5RXKQUt7OUIkLF-Tb6jSpMB6wVuXWEoEKBkQBVryHDAvKdiLGzf00Asp7hjYLWl54neGiINwUrxDGcT59W2EwUlj3NfhqOWvAB1WZyH31km5_taaZQp18ODkRv3ITSZpgxIwNUF7cD3OS2-F99DOXxKQeUZfdp4Ak2XecqkXQKPaJkj_pbFH9hu3RSl0HErweBNE-uWzEUCPp3SutJLUQOJmNX_rr8QG120RcRB92fRKyt7EwS81I8vMPLDlutcJmL5vO0jwATZ94uJwgTgBAOQBgGgBk2AB7nk4OoDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbAThOOpFNgTDYgUBdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMI-7_GhOrmgAMVrOTeCh2oQARzEAEYASAAEgKlCfD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWcNgbjFBLae0VVJoOD3m-3MJc0Twde2G4My3ke2k7Exud2JT2Ck2B6Ou76xmQC-hPvTrTXotqess-jUQvEpea78Q231G7p_EYAQ%26sig%3DAOD64_1meQ-3B611PwSBWPxgBoKSD3wEvQ%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-BNUG-6R1cxAym6MOYW02yJd3Q-qxN0TOgeJowCtAFU5vC_TSlizuGFXi5G-ZmqlZ2wqE29WrbzEoAqnmGE6LhJ8orL9lACFBWubZoOcF_Ayy_VJae-5gmA5nbygUdidMhvVnTtGyYER57UXK1vDnTtfsTDai8rx17BFP3C5PbMrSSIHB0%26cry%3D1%26dbm_d%3DAKAmf-DHQdZmtScYhzFDUwEjodt92_Rs1ho3idx-4Q2l9KCA78mF80nt0gUQQjktoDOVCNZMJD_K11AcnYrlE9DRYsq0ggbCp2VP545qz3dA43bOcYU-4wChr_qEcakm1fxCmZiifc_47I_m5nkYAUcxgL0QV67J70lC4DGhb3Ir7bEiDMrLfw-JjjtgBChuQATKqsAaHSQ9-t4pxCX2CybpH5BrhMKegXrdcprtJS9_UySXixuYnpVgqzkytI0rFm8JP0GDm9jykDImwXCncpu3ibmnVj5MWUmv7i-3fh36lA3bxH_cUBVzWDWy7eqtpjIMg7NFynymuxNNYqTcTJuc8SF478zUydNgQZgg2lFXiLrJ7R7HPlf_6_j2SgXZcgtv_8TOQThbUzgfLvHDY9pE9mMfESaegvuBaddHd0wZiQGqoWww9CRaWV_Ka_0LxL7ErOo0YTYxjP9exH1g-HPqWWvyATxghqLYBvUZOYdDVNmmL0TTObx3yihi4cWzZxmwiRAgAu3EHbxQqoDKjN9PPwqLgpzhI_iQSGIpHMqY-mJWG-866uY%26adurl%3D&dv360_cmp_id=20387869572&dv360_li_id=1013850832&dv360_crv_id=467101067&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2F80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&_js_site_ref=https%3A%2F%2Fs1.imgsed.com%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=586c62bbcfd1da52bc_1692383018724&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fs1.imgsed.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.1&_js_tstamp=1692383018729
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.9.137.180 Tuttlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.180.137.9.5.clients.your-server.de
Software: nginx /
Resource Hash: 5846f8322ceafd929e27720eb0f2f1e02dab4b74dda7778209d7f82ace141944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip52914
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9477 0
20 B 143ms
143ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bgf-aKrffZLPSArPD9u8P1eG0iA4AAAAAOAHgBAI&bg=!m5ilmMzNAAZGPLJIZjw7ADkAdvg8WnIluu7QVfae4cPymMrxTZLLkIYl0L2FL-qV96NZ743O53wo85y8Q450H1mooDpB0s1HdwwCAAAAjlIAAAAIaAEHCgBQ-ERkMycCcFR8BJhadva87escpHQmFe5nYGBgqeXydG_0GBuPuo1fD1QzfyBEFPaQLS2mmYrIeLtjVXgI0Vrxwj8--LtZ4glHSpNavnnn0p2ZAxGKg1b64sCdIkM_gIGJTChlKzogodkmqwVYtr0czB880CCvT0qaky0fSiqcJ1M3GnxObhY-DlVkdcUdE43xdB5ltrUtyWagT2I6bjGOSmTAPtyGUBFrnd_rkCbKP207eNJLWTVUPyMHnmF2VEUHdLbg7RHRhbgyE8MQ6v5yzv1_ZRTqa75aU5KiSOeC96nKfJm5ZjJgjAsJor10p60eu95l9J4Bx9zSAVtj_C3J2Te82Fl6i9QSiF4C2QBU1bjkVlPNbsFL2QQKlJfdjtVE_AgCLUqyxWBLx_twNgJm1UdX-Cs0DF7wi0cd-8BK8Od633zDeFjJqjNhd3ZicSeUYDhe5sdDZ3T3eIhvz1DgQKs2rKhyjmrftRBNN4IQ5QTx9nUWxqheJxtvwceaXmUl3iyKSYu5JEeN6EGbJK-q_fRQuUMKXeZyfhE2VljGt7jF-ca4IuyUQYQEat_RHSHzckfiLGhX_zd5ds0asZPLhNbE8PF1TdO34kCagrQunH_Y64JGJM1OZ8CTriIrG0hmD0WycZJx9IBhlVtd58Q7qoq2o1y-nFrD3LEJ4HUUqKFodEK8ovZdWhaD0NkUMZEPpWiVDG0Uw2ekTpkSWAsnDcRM7PEXJrkUWS8kCgx_mhjNHqsOBCdd9xamO3piqeOmYy_16tEhk5xeADooqAoYYgDK5whoMtf8WHEICYIANLwRxfib2xsUFltgKGL8qGGaw1DEVgz8T9uR99cDMrFp9M34Qw91LFOvTyyA4fS5hBWkvOOy0JhAjAafN2ODktdtIEJge7nqlHzPUouudn0Aeu_EDllQ2gJL93h09ArsrsmV1ZyU3iMeJaxicwR9eSq0ct7RXb3bb4hLv77x9JMsEDM_-ZI01HZyIgVQWLBfeRyleRFZ-mvWoq3qF9knaNXhH6Weul-essmYWwhgvV_4Ss_a7cH1GfW8Vj0dz_6kynBXmvhKmS4_VjMTC1vVC0NQqhbsyWubzxXZOTMbc1QonSviiVEFZzQudHh9Ni6DcsZXossKLFkKvgagqfjIVb76rOKaVA

Requested by

Host: 80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
URL: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 6B4D 174 KB
52 KB 233ms
115ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E2) /
Resource Hash: 84f03fb4a3209d20968b4bcdb6bdc55442d8290b119723f19853fd6cc9f134da

Request headers

Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
Origin: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:38 GMT
content-encoding: gzip
last-modified: Fri, 14 Jul 2023 22:05:24 GMT
server: ECS (frb/67E2)
age: 49
etag: "64b1c6a4-2b739+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 52676
expires: Fri, 18 Aug 2023 18:33:38 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame 6B4D 43 B
169 B 203ms
58ms Image
image/gif 65.21.233.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=89b41f8146e2f8248edb7e57c87b5303&__adt=8240603970322267369&__ade=1&vid=5077122493360340733
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.233.18 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.233.21.65.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 18 Aug 2023 18:23:39 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 lifestyle_optimized.jpg
cdn.revjet.com/s3/csp/1671558630301/ Frame 6B4D 33 KB
33 KB 41ms
40ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671558630301/lifestyle_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:38 GMT
x-amz-version-id: GWmWzsiL4gZfS8p3bOBsR38yaINgc04d
age: 2446
x-amz-request-id: QS26GW354VKS65V7
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 33574
x-amz-id-2: Qyb3qoOscg7C0AjCfP0FaUmfWAMt9iq2xOJGcLFiqTGLIBClmcdU+RHFN0vdorqcUAuoQ8hQBD0=
last-modified: Tue, 20 Dec 2022 17:50:32 GMT
server: ECS (frb/6712)
etag: "432e30fdf56b7e1babca672b7e5398e9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Fri, 18 Aug 2023 19:23:38 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 6B4D 56 KB
15 KB 41ms
39ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:38 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 19:13:24 GMT
server: ECS (frb/668C)
age: 596
etag: "62717ed4-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Fri, 18 Aug 2023 18:33:38 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame 6B4D 3 KB
2 KB 80ms
79ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:38 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 2455
x-amz-request-id: GWN39Z6J3NS80BZ7
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: Pv1n2JTfye1D4orxtd/POtgD6L6Os03joMr0dff/szBcBWyB5gjN4/fZYa7WrOvFTvz9uOa3yjk=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/673A)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 18 Aug 2023 19:23:38 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame 6B4D 632 B
661 B 79ms
78ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:38 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 2452
x-amz-request-id: TB2YCW8Z91CN41W9
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: 4498kdai+vhskoDC5jU0nsvvw3lf3EwqPbCUg1ZaXdAXPYTTNZG3/4pWIW6zXOGE0V8prcXf+rk=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/674B)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 18 Aug 2023 19:23:38 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame 6B4D 7 KB
4 KB 80ms
79ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:38 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 2450
x-amz-request-id: AH7R1HRS66MXV9KP
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: a8avt7hQS3N2euFRnyaz07ZJez+aJe7VpI896c4nwuKUQrtMzVs9gepbKgWd6u7VSKPJTu1Hyd0=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (frb/67A8)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 18 Aug 2023 19:23:38 GMT

GET
H2

200

B29257362.357498769;dc_pre=CL2UroXq5oADFWCR_Qcdo4cCgQ;dc_trk_aid=548521423;dc_trk_cid=185777388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1692383018761
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame 6B4D
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357498769;dc_trk_aid=548521423;dc_trk_cid=185777388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=16923830...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357498769;dc_pre=CL2UroXq5oADFWCR_Qcdo4cCgQ;dc_trk_aid=548521423;dc_trk_cid=185777388;dc_lat=;dc_rdid=;tag_for_chil...

42 B
118 B

62ms
62ms

Image
image/gif

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357498769;dc_pre=CL2UroXq5oADFWCR_Qcdo4cCgQ;dc_trk_aid=548521423;dc_trk_cid=185777388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1692383018761

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

142.250.184.230 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357498769;dc_pre=CL2UroXq5oADFWCR_Qcdo4cCgQ;dc_trk_aid=548521423;dc_trk_cid=185777388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1692383018761
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame 6B4D 43 B
170 B 192ms
57ms Image
image/gif 65.21.233.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=89b41f8146e2f8248edb7e57c87b5303&__adt=8240603970322267369&__ade=1&vid=5077122493360340733
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.233.18 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.233.21.65.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 18 Aug 2023 18:23:39 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 HelveticaNowText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame 6B4D 34 KB
34 KB 170ms
76ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: 0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62

Request headers

Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
Origin: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:38 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (frb/6760)
age: 25
etag: "631b6705-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Fri, 18 Aug 2023 18:33:38 GMT

GET
H2 200 TiemposText-Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/ Frame 6B4D 34 KB
34 KB 127ms
76ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/TiemposText/TiemposText-Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: 5c59b5ebbe4ba7054841389082fb679f751ae673c1a3ae792d17d5f3ef923b4c

Request headers

Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
Origin: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:38 GMT
last-modified: Tue, 31 Jan 2023 19:46:47 GMT
server: ECS (frb/67AA)
age: 39
etag: "63d97027-8830"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34864
expires: Fri, 18 Aug 2023 18:33:38 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame 6B4D 286 B
456 B 40ms
39ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:38 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 2455
x-amz-request-id: GWN2GT2QD6WG9GA5
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: 1uMWLj+m+siq/P3A6x0aZdau887T7QiS3XdsasQRhok1U0/V5tkfDfhv008WvwtdnQXkgJNw3iE=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (frb/674C)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 18 Aug 2023 19:23:38 GMT

GET
H2 200 HelveticaNowText-Medium.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame 6B4D 36 KB
36 KB 88ms
39ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Medium.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: f635af967c5b9d91ef07b8f4952b15608dce0a0008a095915e579fa2b782cd2e

Request headers

Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
Origin: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:38 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (frb/67C1)
age: 25
etag: "631b6705-8e74"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 36468
expires: Fri, 18 Aug 2023 18:33:38 GMT

GET
H2 200 HelveticaNowText-Bold.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/ Frame 6B4D 34 KB
34 KB 40ms
40ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/HelveticaNowText/HelveticaNowText-Bold.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 8f2e0ab27b9cc767a52fe96052e61ec81db235a7d074a34a44ffe8634bf939c5

Request headers

Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
Origin: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:39 GMT
last-modified: Fri, 09 Sep 2022 16:17:09 GMT
server: ECS (frb/67A8)
age: 29
etag: "631b6705-8678"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 34424
expires: Fri, 18 Aug 2023 18:33:39 GMT

GET
H2 200 2099615594_uc
cdn.revjet.com/s3/csp/catalogs/prod/111523634/ Frame 6B4D 217 KB
218 KB 40ms
39ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/catalogs/prod/111523634/2099615594_uc
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6793) /
Resource Hash: 09ee9b6ccda5f6250d296ca5d1583eebe34991b95aa3a2bd54de57d2097b401e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 18:23:39 GMT
x-amz-version-id: T9y6PTjoGGhlmUGHjDa.W27Xy6c2krAU
age: 890
x-amz-request-id: HM1RERJMKHMQWA5M
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 222589
x-amz-id-2: C+BgAFc3LaIPZxto/zsuQjaCi2VNMgAN1dPWpndDQtFLAsvmPYdvjZgB12rkGcFphdTraJ/d/8k=
last-modified: Mon, 24 Jul 2023 09:28:34 GMT
server: ECS (frb/6793)
etag: "285fd81795ff2df0bd3e4cfc9cc1a976"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Fri, 18 Aug 2023 19:23:39 GMT

GET
H2 200 55ad175f732a42a7b1e55bfd411d8cce.jpg
img01.ztat.net/article/spp-media-p1/8fabd1f52cd6440f942611a97511e921/ Frame 6B4D 5 KB
6 KB 160ms
43ms Image
image/webp 2600:9000:206f:6800:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/8fabd1f52cd6440f942611a97511e921/55ad175f732a42a7b1e55bfd411d8cce.jpg?imwidth=350
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6800:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e32b5f89a2233037989e27fdbd0ff693ce9f9f17614b9d856107bd20f1f58a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 19:23:45 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
age: 1292395
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5290
x-amz-expiration: expiry-date="Sat, 21 Oct 2023 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Wed, 12 Jul 2023 12:32:04 GMT
server: AmazonS3
etag: "db139769679ee360b95346734babed4a"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: XcnF8aUlp0j_WjXMjPWPb3F3cnyZ-13G0EiQu-iUZonk2eXvHH5QCg==

GET
H2 200 6122e35843444cb8a3a6fb80179f69d0.jpg
img01.ztat.net/article/spp-media-p1/532ebbdcda904b7faac8c8c407c34cf7/ Frame 6B4D 5 KB
5 KB 162ms
45ms Image
image/webp 2600:9000:206f:6800:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/532ebbdcda904b7faac8c8c407c34cf7/6122e35843444cb8a3a6fb80179f69d0.jpg?imwidth=350
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6800:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fce58f74359de4d683423199534997fbba0a81ab6fdd72125d0beb9086b42b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 22:00:06 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
age: 1542214
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4926
x-amz-expiration: expiry-date="Sat, 04 Nov 2023 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Wed, 26 Jul 2023 14:42:46 GMT
server: AmazonS3
etag: "c3d176dd714f36d1d48a48bd914f0cc0"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: xh850aLl2A7FOKC0njncnfV1fjSH4uBrdw8qzF8Ds81EBq2F7SmEjA==

GET
H2 200 cb95e1d9d0774864bfceecdba743e83a.jpg
img01.ztat.net/article/spp-media-p1/6a9f449ba493436fa964e72ddda7a521/ Frame 6B4D 10 KB
10 KB 167ms
50ms Image
image/webp 2600:9000:206f:6800:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/6a9f449ba493436fa964e72ddda7a521/cb95e1d9d0774864bfceecdba743e83a.jpg?imwidth=350
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6800:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04a9f63a65ce14f2dcb4321eeb773ccd884948a7a5e5bded5f27115f1f4c132b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 07:10:15 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
age: 1595605
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 9878
x-amz-expiration: expiry-date="Fri, 03 Nov 2023 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Tue, 25 Jul 2023 10:04:41 GMT
server: AmazonS3
etag: "e7b7560ff20eb70f83793ad62754bdc9"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: OP-KB9K8DeTdTQX-R_S_NKMzP2mBBJbW4NHzGS9nJiy4WTMrmdg3ZA==

GET
H2 200 9d001a7a4ae24ab39868fdef2ae2d95d.jpg
img01.ztat.net/article/spp-media-p1/9374672faed24e26b4bccc8a0084cc15/ Frame 6B4D 6 KB
7 KB 169ms
53ms Image
image/webp 2600:9000:206f:6800:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/9374672faed24e26b4bccc8a0084cc15/9d001a7a4ae24ab39868fdef2ae2d95d.jpg?imwidth=350
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6800:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 696612f1c9e97dada903b8b4b7cc00f0135d8fb61d068c47298f422585df4db8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 22:00:06 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
age: 1542214
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6342
x-amz-expiration: expiry-date="Fri, 03 Nov 2023 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Tue, 25 Jul 2023 10:07:57 GMT
server: AmazonS3
etag: "d4f9cc7c7ddaa2c9b7a8ff1ee7a26f71"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: nJYmcCTTHhF28cNzDLI_NcDngKRjMe4YmGTXTPU3-WrnezVRdIz19g==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 145ms
144ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308160101&jk=549134298114104&bg=!vb6lvurNAAZGPLJIZjw7ADkAdvg8WlKVvELZ8rLh70mZXMR9nErCbidPmJfs5e86zKTc4GD7-qBzDYclHg-39F_rtIHAT0UaeKcCAAABzVIAAAAJaAEHmQLC-NnznWtz-im5wthf2ulISxegQSTfZkCX4CJyAwxAuwomPMXpo0F-9EY8wmi1Gytlk30R5lfK9sLhILlqXMQTRAeMp20HxBOH2pcbJFg1Rh5UtE5lH-w3bJiSVRXKifl6koS7xY1Xb95LDE0HU5rmQ8OeESVUlGfWQGX7wJ4GhMSO89CQqI-Lh-j6KkwaXre14-E0N6bDvf6elwUjTA3OkomyUKukHI8gmgPG0JlOyMRAPmqroNSbZUHEtg4YGJUioynC9eLm1N5m8KzPxDc_XKaQm33ij3s89PpqT1Hg2YBIIroTLaIZbXa21kQmxFqb0_tFm1nL2m40Bx5Vk_972y5rfBAZad7_jHWCVVo8AnC0kY6di84Wnho8QneXSJS4vT0sytwlR6JrJoLst4U2w33CXK3hs82zPUjaQs9CZ2meC9QJjnO2wnjF7NAcmAwiKbeqE5xMazO4b4PhdT5ETaZtGElDc-vbnBOffQbN4c2XyXv3jnOQA8uISLz8on7hAj58qvCpU2cceIUd-E6JRzyjQS4fhDtr6jHt_GGHu-uhALd__IvAghiB18jiwHHWHCKVKT7lxjP_iJ4ZQ_DLSv7da7usAVZ-DOfo__re8FMytvogmP4k5M2iiVkSw6P3POSHMjizpfHGkKlAnTrhCCo6fxOazqIj5pG-swFJ9c03s6WuaQm3KacrVPmrXA6XiPjmGcG5Px3G9NMsYeYZ9dI2Ond7qkGkkQ7qoXzYFwtaIYYfGthGWSkPb44Pj7zEkZJmIgXJcmVyaviICGL9JwxTJe4md5qPH3Y-NqJ5ki6QUzadg7oJKgpHidE1bMKvi50RY3Je9HlzcRoULf0q6chJWLykbIHP72TXLi-Ts1hlFWa8ikX3KcidySgQfTvdGANDvMv-rK4lVOd04rLHakgWkNeLiNu4WoqHo44G1avdQg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9269 42 B
174 B 145ms
145ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTEfwcD-L44LTZIjA5jN16k42UCH5AYhTExTTOoICwoUtfoBTFaxQAovUJ7auycuVERJuzYHZxGCCNr1rm2gAzmhl37yF--mlz3TqGEOnFemnx0rGvWNP5RHaGnLoGKuu6XMUgQIqNWONV&sai=AMfl-YTd1P6iHLPdBi9q1SmE6nchEgh9Z8a8ncAkJg3RLZIej34gG15K6yaaShXsM9p-e1vYPiZGfs_ZgOzBz4eULRzgr4gS0Oc9RKiqgl2bHcEzrMyrubccUg7gKT3qhDyjTvOLwlEh2IjqLOd_2A&sig=Cg0ArKJSzKCt-7O2G9mXEAE&cid=CAQSTABpAlJWcNgbjFBLae0VVJoOD3m-3MJc0Twde2G4My3ke2k7Exud2JT2Ck2B6Ou76xmQC-hPvTrTXotqess-jUQvEpea78Q231G7p_EYAQ&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=55489845&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692383017683&rpt=603&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DAD8 42 B
64 B 144ms
144ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCuPD1cUpHfAzwRS_fmwSSSlSeT5pb148ZfY3pKdCV92MP41iq3l5g7zUIXWs1UoUoxlZZRzOHI7KVsYgMQNwt11onyEDY0QKpufiqpC3lEBY-ivzlZWRYkycsyk99ptPe_JUIW8HWDIXH&sai=AMfl-YTPZxRTLuW5p7YdYShQTrMkDWGaX_VDORwq9MSQXuekq90jzoXXb9rdre1H-L713cKRxQNTrySrjQ0Nmiag5XorMHDMXyuR8LiyhGpOsc9ZHG5mAZSVg60hfXybHjsdgojIMjf7X9l9wk3hPQ&sig=Cg0ArKJSzDiTlPIpT4pJEAE&cid=CAQSTABpAlJWykl8dTn9D3vEFkxQWNh6CVpzdFMBR4CjafoXRLaiqcZ7uMlmfW-3XmcU-Tfl5Z-6Kouw45Z0cXmYxGKDk0o7aL5MippA62UYAQ&id=ampim&o=550,298&d=500,320&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=576&tls=1576&g=100&h=100&tt=1576&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 900
pix.revjet.com/interaction/ Frame 6B4D 43 B
169 B 58ms
58ms Image
image/gif 65.21.233.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/900?__ads=89b41f8146e2f8248edb7e57c87b5303&vid=5077122493360340733&__adt=8240603970322267369&__ade=1&latent=0&vis_type=8&__stamp=1692383020153
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.233.18 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.233.21.65.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 18 Aug 2023 18:23:40 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9269 0
20 B 138ms
137ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9024556615216&version=m202307240101&ct=77&x=1&cor=8719736992913310000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GC2VPDBYKB&gtm=45je38g0&_p=1569427821&cid=1983397052.1692383017&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1692383016&sct=1&seg=0&dl=https%3A%2F%2Fs1.imgsed.com%2F&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20imgsed.com&en=scroll&epn.percent_scrolled=90&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 18:23:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s1.imgsed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imgsed.com/	1970-01-20 23:42:23	Name: _ga Value: GA1.1.1983397052.1692383017
.imgsed.com/	1970-01-20 23:42:23	Name: _ga_GC2VPDBYKB Value: GS1.1.1692383016.1.0.1692383016.0.0.0
live.demand.supply/	1970-01-20 23:42:23	Name: demandSupplyTi Value: 27554e10-a27e-4947-a351-29af7700709f
.demand.supply/	1970-01-20 14:06:24	Name: __cf_bm Value: gv0l8Ccl7VrqvV3gZkG6ekA8qUDCUWhSb0YYok4OpgQ-1692383016-0-AdDXAeiKhXCmLowLevZrKsgN+zQnboUfW91h3Ro09fbmrYcp32Wiz9HANHY00Yaz5EpLOKGmw/BGmJVMR+tDRv0=
.imgsed.com/	1970-01-20 14:06:23	Name: lotame_domain_check Value: imgsed.com
.criteo.com/	1970-01-20 23:27:59	Name: uid Value: fc538b01-6f8b-4479-9e39-16e79aa761b1
.imgsed.com/	1970-01-20 23:27:59	Name: cto_bundle Value: h_ZDzF9MdWF5UlU5MnlINWNHYWxSMmNEa1MxOEx6b0pZejNxa3cwek1YJTJGU1BqbGhIVUlaQjZqYWVFOEtpMUJKVlc4bFh4Smc2RUozNzA2MyUyQlZnVEszMXZEa3N1RHl3aDRLTkdOamdGc3hTdjgwa2UlMkZCZ296emNLWUo5cyUyQnFtSGNlZ3NXVHRLbG1xY2hrY2klMkZPdFMlMkI4Y3RFc1ElM0QlM0Q
.imgsed.com/	1970-01-20 23:27:59	Name: __gads Value: ID=efa0169a8951a791:T=1692383017:RT=1692383017:S=ALNI_MbDxR1A5M1KY64sagIcxMcU97Mj9Q
.imgsed.com/	1970-01-20 23:27:59	Name: __gpi Value: UID=00000c89543325a4:T=1692383017:RT=1692383017:S=ALNI_MZjCVAlK7loVuFOw1cf2NeNlXn2bw
.doubleclick.net/	1970-01-20 23:27:59	Name: IDE Value: AHWqTUlRT4DRS5lbcf03rVGFqnkzndJRT9tTSc06GUOwBy_YNpEjh7GU_6ixc-9HeUc
.adnxs.com/	1970-01-20 16:15:59	Name: uuid2 Value: 5985866631331047862
.doubleclick.net/	1970-01-20 18:25:35	Name: APC Value: AfxxVi6WNaV9UHHmFMMrkNb3ZP7h0tpxvKaga9uaR12kATuIHzG37A
.casalemedia.com/	1970-01-20 22:51:59	Name: CMID Value: ZN.3Ki9fLkV.-8Tz6vqicAAA
.casalemedia.com/	1970-01-20 16:15:59	Name: CMPS Value: 3175
.casalemedia.com/	1970-01-20 16:15:59	Name: CMPRO Value: 3175
.adnxs.com/	1970-01-20 16:15:59	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?bhNTwo!]tbPl1M>e)ZlrFUfJ+tGXxp2?7v[7G6n[vG2rUJZKoby^i>@W_K@Nfx0Ftb3If)y3KL9D3I?-/WNWY7
.adform.net/	1970-01-20 14:51:01	Name: C Value: 1
.adsby.bidtheatre.com/	1970-01-20 14:16:27	Name: __kuid Value: 55a67bb8-dc62-4b16-bac0-f7926ef4ca48.461597018
.adform.net/	1970-01-20 15:32:47	Name: uid Value: 611254854020243996
.yieldmo.com/	1970-01-20 22:51:59	Name: yieldmo_id Value: 3m7iLyyGGDyscr5G4wME%7C1692316800000%7C0
.everesttech.net/	1970-01-20 22:51:59	Name: everest_g_v2 Value: g_surferid~ZN_3KgAJjGghUQA_
.revjet.com/	1970-01-20 23:42:23	Name: trx Value: 5077122493360340733
.revjet.com/	1970-01-20 14:07:49	Name: ads Value: 89b41f8146e2f8248edb7e57c87b5303
.zemanta.com/	1970-01-20 22:51:59	Name: zuid Value: 6zPmQbWVLCvUyagdcAMg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

80aacb59a600cc54e0a3ddcd6b7ef415.safeframe.googlesyndication.com
ad.doubleclick.net
ads.revjet.com
ads.yieldmo.com
api.demand.supply
b1sync.zemanta.com
bcp.crwdcntrl.net
c1.adform.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.revjet.com
cm.g.doubleclick.net
cs.chocolateplatform.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
img01.ztat.net
invstatic101.creativecdn.com
live.demand.supply
match.adsby.bidtheatre.com
match.sharethrough.com
mug.criteo.com
pagead2.googlesyndication.com
pix.revjet.com
region1.google-analytics.com
s1.imgsed.com
securepubads.g.doubleclick.net
static.criteo.net
sync-tm.everesttech.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
108.139.243.81
134.122.57.34
142.250.184.230
142.250.74.194
151.101.130.49
159.203.145.121
162.19.138.119
178.250.7.13
18.200.193.67
185.80.39.216
185.89.210.212
192.229.233.6
2001:4860:4802:32::36
2600:9000:206f:6800:15:157b:ff80:93a1
2600:9000:2250:8000:a:e047:753:6381
2606:4700:10::ac43:266a
2606:4700:20::681a:b84
2606:4700::6810:8516
2606:4700::6810:8616
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:831::2001
2a02:2638:3::c
2a02:2638:d::2
2a04:4e42:600::485
34.96.70.87
37.157.5.84
5.9.137.180
50.31.142.63
52.58.1.69
54.72.84.52
65.21.233.18
04a9f63a65ce14f2dcb4321eeb773ccd884948a7a5e5bded5f27115f1f4c132b
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
09ee9b6ccda5f6250d296ca5d1583eebe34991b95aa3a2bd54de57d2097b401e
0aa562cf8286544570938258fff747aae28afdff8a9bcc1dd136799bcd0f14aa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1d185c55eb6a67268bd71db4b8515b4b63f77289da35d0866028c026424e62
0d0f6b3fcbd0b6b05a3492ac839426570856601ac1a6d56ab22d5bef14166ea3
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
1bc24fedd6079aecd3ade0198ee618e3f46ccbb93e96cf7ffdd9069afef5da10
22c15261262c5e2f2a66b8f7569c0dd504f21a19e0c7c98a5144c2278c72c666
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2ea71c6677862e6bb9a6508ad01873a46f88d686fe53354a0c2045ce0a925728
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34849d23eccfc8dd1ca8ad29db3c000849feef7f8be66a9da54fa8b9bf0c4f0a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
374df3a964ce9ddb2087346324f6e1b2c6eca94fba46e0b5435b3dbee33628ca
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d2de62ba59b4b071f7cab18675db894989fe5d929b2b5a61ab76a0cce533253
3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
45d11baac5e9d9b51a501dc55294ee69c9f4eab22ab50703fea0a4c69cab83f0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5846f8322ceafd929e27720eb0f2f1e02dab4b74dda7778209d7f82ace141944
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c59b5ebbe4ba7054841389082fb679f751ae673c1a3ae792d17d5f3ef923b4c
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
630d5c85e90b73cce8a0dffb9498cb20ca343ddce479692d7001c1a9de946ea3
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
696612f1c9e97dada903b8b4b7cc00f0135d8fb61d068c47298f422585df4db8
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
7a3f3c2e081950ab42051d5cf3e2dfda2c86f130efdfd007954e9d1445d8976c
7fba9b4a46dc0732ecf73452a839a5e465403c7e402a996b799847988be5090c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
84f03fb4a3209d20968b4bcdb6bdc55442d8290b119723f19853fd6cc9f134da
85546fc1dc5bd86a9db3f5d39e5cbc0dd92106c5e67c147d78eddf19b3f13a2b
8f2369a9f8f7b343fcca8e103168213b99667438a20afed4715bd255d9342792
8f2e0ab27b9cc767a52fe96052e61ec81db235a7d074a34a44ffe8634bf939c5
9260c08a529a83cdb2d978e829b597e3819152723e7b686bedb4d293acc34904
94e377eac9a330523c898dd4896bb3f3755492e33dafb1c8e8f78dba3eb75731
980bd127e3a5b0595d5f52f466c6447d4fed944921838a1e0dc725564a1c347c
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d0a3935da54669ed3b6922c3247dbc769fabc2c97d9d5efbf54aad638e3110e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2e2dcda15fc3d6fdfc3956439233bff14a8f53811f00d62973cde464f768663
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a58013fdf3685ec050720b4bd7ef0f6d2b88b036184c8885103fbc4d4faac983
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6e951543ef97fbb9e3e7bcae71305ba14b8cc30182d6ca51791c2fd5c3e4989
acd7fa38882af3c7c6114604dce43d5778ad30730e8e8c9596f7666bf4d0fcc5
b0347538512855184cb6271cf5880484b4383f46456a38fe84beb4794ff103ed
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
bbe4006ad97dfdbfdcc5cd9808e8388320f28a5fb833ff7fbaaca7ce9fc2a921
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bdebd0f60d1e0d075bb74cce0776595d2bbdc54e455686357dfa7520e09db727
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d47ae618b19dadd26c48eaa300030113e97876b867db2978b0854c85b8cb37a0
da96a2da58cb00ae03b4e23c878f4237dc51754ec03029bb19bbc4a0f09d62c2
df0cfed8068fc1d852e4b9e1463d565d9dcb076efd45d7d5edef9e1a03fbd9cb
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e32b5f89a2233037989e27fdbd0ff693ce9f9f17614b9d856107bd20f1f58a2a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec7813f9dfb4c68321e7d77132f55f7cbd76f4bde7ed4d0a460ab9bd59713b51
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f635af967c5b9d91ef07b8f4952b15608dce0a0008a095915e579fa2b782cd2e
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f77c7b49f1680174722cd3fffc93f84ae337de5c2ec9d124c4408caeaadcd164
fce58f74359de4d683423199534997fbba0a81ab6fdd72125d0beb9086b42b73

s1.imgsed.com Open in urlscan Pro 2606:4700:20::681a:b84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

135 Requests

92 %HTTPS

54 %IPv6

29 Domains

41 Subdomains

37 IPs

8 Countries

1505 kBTransfer

3715 kBSize

24 Cookies

1 Outgoing links

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

s1.imgsed.com Open in urlscan Pro
2606:4700:20::681a:b84 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

92 %
HTTPS

54 %
IPv6

29
Domains

41
Subdomains

37
IPs

8
Countries

1505 kB
Transfer

3715 kB
Size

24
Cookies

135 HTTP transactions
5 data transactions