www.imgurl.org Open in urlscan Pro
2606:4700:3037::ac43:9b6e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://s3.bmp.ovh/
Effective URL:
https://www.imgurl.org/
Submission: On March 21 via api (March 21st 2024, 5:07:04 pm UTC) from US — Scanned from DE

Summary HTTP 100 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 11 domains to perform 100 HTTP transactions. The main IP is 2606:4700:3037::ac43:9b6e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.imgurl.org.
TLS certificate: Issued by E1 on February 12th 2024. Valid for: 3 months.

This is the only time www.imgurl.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	194.13.80.102 194.13.80.102	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
1 1	142.54.162.36 142.54.162.36	33387 (NOCIX) (NOCIX)
13	2606:4700:303... 2606:4700:3037::ac43:9b6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	42.192.153.76 42.192.153.76	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
1 26	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	142.251.33.99 142.251.33.99	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
100	16

2 194.13.80.102 (Germany) 2 redirects

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: v2202004100981114381.luckysrv.de

s3.bmp.ovh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.54.162.36 (United States) 1 redirects

ASN33387 (NOCIX, US)
PTR: hammerlabel.net

imgurl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3037::ac43:9b6e (United States)

ASN13335 (CLOUDFLARENET, US)

www.imgurl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 42.192.153.76 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

tj.rss.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.33.99 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: sea30s10-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 204	626 KB
16	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	155 KB
14	google.com 2 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 724 www.google.com — Cisco Umbrella Rank: 5	71 KB
14	imgurl.org 1 redirects imgurl.org www.imgurl.org	508 KB
12	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 275	214 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1162 k.clarity.ms — Cisco Umbrella Rank: 9530 c.clarity.ms — Cisco Umbrella Rank: 1824	28 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	4 KB
3	rss.ink tj.rss.ink	3 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 168
2	bmp.ovh 2 redirects s3.bmp.ovh — Cisco Umbrella Rank: 601956	293 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 427	763 B
100	11

	Domain	Requested by
17	tpc.googlesyndication.com	googleads.g.doubleclick.net www.imgurl.org pagead2.googlesyndication.com tpc.googlesyndication.com
17	pagead2.googlesyndication.com	www.imgurl.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.google.com
13	www.imgurl.org	www.imgurl.org
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	www.gstatic.com	googleads.g.doubleclick.net www.imgurl.org
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
4	csi.gstatic.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	fonts.googleapis.com	googleads.g.doubleclick.net www.imgurl.org
3	k.clarity.ms	www.clarity.ms
3	tj.rss.ink	www.imgurl.org tj.rss.ink
2	c.clarity.ms	1 redirects
2	www.googleadservices.com	www.imgurl.org
2	www.clarity.ms	www.imgurl.org www.clarity.ms
2	s3.bmp.ovh	2 redirects
1	c.bing.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	imgurl.org	1 redirects
100	19

This site contains links to these domains. Also see Links.

Domain
vip.imgurl.piclink.cc
dwz.ovh
png.cm
www.xiaoz.me
xiawen.cc
nav.rss.ink
doc.xiaoz.me
wget.ovh
imgurl.org

Subject Issuer	Validity	Valid
www.imgurl.org E1	`2024-02-12` - `2024-05-12`	3 months	crt.sh
tj.rss.ink Encryption Everywhere DV TLS CA - G1	`2023-05-18` - `2024-05-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.imgurl.org/
Frame ID: 8D77FEF70BBD71DEF693BA608650D7CC
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1198592826613859&output=html&adk=1812271804&adf=3025194257&lmt=1711040820&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x675_l%7C128x675_r&format=0x0&url=https%3A%2F%2Fwww.imgurl.org%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711040819860&bpp=8&bdt=555&idt=178&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1801939409264&rume=1&frm=20&pv=2&ga_vid=1943634338.1711040820&ga_sid=1711040820&ga_hid=1527565919&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95320378%2C31061691%2C31061692&oid=2&pvsid=3674499229139841&tmod=834587151&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197
Frame ID: 548492A1BB973C71F7A505AF8B275733
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1198592826613859&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1635088244~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1711040820&rafmt=1&to=qs&pwprc=8049717778&format=1200x280&url=https%3A%2F%2Fwww.imgurl.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711040819868&bpp=1&bdt=563&idt=203&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1801939409264&rume=1&frm=20&pv=1&ga_vid=1943634338.1711040820&ga_sid=1711040820&ga_hid=1527565919&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95320378%2C31061691%2C31061692&oid=2&pvsid=3674499229139841&tmod=834587151&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=206
Frame ID: CF812DAE1AA37FEC649EAA920F6549DF
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 132DAEF955D306399BED8CF958C283DF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Frame ID: 2053A52B553296669C87B18BCD9AD80C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Frame ID: 7D109F788906350C09AD23AB98931E8D
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js
Frame ID: E7DA57475AB584FDE4BF1A6222C6B270
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/84d2527241fb8c00ce4670060c5f1154.js?tag=client_fast_engine_2019
Frame ID: 4FC37A2BB3D0734BAA114B0811F687DC
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D9FB7CB48D5E1F0C734BBB9A4104D225
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js
Frame ID: A7674587CD50D33D9E56DA0EB30683A7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js
Frame ID: C228A74939CFDE81213D71B216E9222C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2B52EFFF927B76899A7E9A60AA148B1E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 715D8674AAE6C922A249D3BC4E313A86
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ImgURL免费图床

Page URL History Show full URLs

http://s3.bmp.ovh/ HTTP 302
https://s3.bmp.ovh/ HTTP 301
https://imgurl.org/ HTTP 301
https://www.imgurl.org/ Page URL

Detected technologies

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

100
Requests

98 %
HTTPS

61 %
IPv6

11
Domains

19
Subdomains

16
IPs

4
Countries

1608 kB
Transfer

4151 kB
Size

17
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://vip.imgurl.piclink.cc/page/vip
Title: VIP服务

Search URL Search Domain Scan URL

URL: https://dwz.ovh/vwok9
Title: 客户端

Search URL Search Domain Scan URL

URL: https://png.cm/
Title: 简单图床

Search URL Search Domain Scan URL

URL: https://www.xiaoz.me/
Title: 小z博客

Search URL Search Domain Scan URL

URL: https://xiawen.cc/
Title: 下问技术社区

Search URL Search Domain Scan URL

URL: https://nav.rss.ink/
Title: OneNav

Search URL Search Domain Scan URL

URL: https://doc.xiaoz.me/
Title: 藏经阁

Search URL Search Domain Scan URL

URL: https://wget.ovh/
Title: 小z博客软件库

Search URL Search Domain Scan URL

URL: https://imgurl.org/
Title: ImgURL

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://s3.bmp.ovh/ HTTP 302
https://s3.bmp.ovh/ HTTP 301
https://imgurl.org/ HTTP 301
https://www.imgurl.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 37

https://googleads.g.doubleclick.net/pagead/adview?ai=CkWn-NGn8ZaHhCvrEodAPq5SYwAfa14fobrKMw_rOD9nZHhABIJmlpiNg6wGgAfqotdADyAEBqQIbVNGnabCyPqgDAcgDywSqBMwBT9A9feceSMTJzIsgMUazPq237P7jC8ECEw4E1TYPhluv2mtZ-48DwYA2VRFfzGwjO1fDsDNtIhQP0iqW6zwqwtxBg4oY2tiQjuWCfgCp2MLThViIZqLKbGqzm4EYzAXOJ2Yd0uSIfCrBGNU1Wo8TwgHHFo7S17vKWcRMAj7weCfeEqfvsFemZyc6LZ4fXwCd3SLTWh-L63r_qBFDOrQgUSVBQz_gy1bZv210dCflfmeifDddz9QKclZrPRQvFu7xdz8O9QX-KbLshJq5wASY1JmZiwSIBZGFqfA8kgUECAQYAZIFBAgFGASAB-7Wyi-oB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAtgHAfIHBRDs1ZcE0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WL_knOLrhYUDmgkraHR0cHM6Ly93d3cubWV0ZW9tYXRpY3MuY29tL2VuL3dlYXRoZXItYXBpL4AKAcgLAdoMEQoLENCakdrOkanU9gESAgED2BMNiBQE0BUBmBYBgBcBshccChoIABIUcHViLTExOTg1OTI4MjY2MTM4NTkYALIYBBIC8mjoGAE&sigh=0D0_431MgaM&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtq1fBX1DO3G-UdECu4nvO1y0JF334NNsGwcxBiWUSEFLgsJR7XepoyuGzXPZRk9Q73rKprl1qm-KTdspNDw1uKS3TlbRf--Fd3KxgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xacc03b769ab7eeb00000000000000000%22,%222%22:%220xbed9e48ec23068110000000000000000%22,%223%22:%220x466d9cb3a1a4f5420000000000000000%22,%224%22:%220x5efbdbae1c4c15f00000000000000000%22,%225%22:%220x7b70e7e03020d4680000000000000000%22},%22debug_key%22:%221346728480611179792%22,%22debug_reporting%22:true,%22destination%22:%22https://meteomatics.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22973952122%22],%2222%22:[%22true%22],%224%22:[%2203-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218045342879414963937%22}&andc=true

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 76

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=162C16C893154977A6C36554CCC810E0&RedC=c.clarity.ms&MXFR=15F43B3D212162952F482F7425216C8A HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=162C16C893154977A6C36554CCC810E0&MUID=10B0ACBA5440623005EBB8F355EC63F7

100 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.imgurl.org/
Redirect Chain

http://s3.bmp.ovh/
https://s3.bmp.ovh/
https://imgurl.org/
https://www.imgurl.org/

14 KB
5 KB

2982ms
930ms

Document
text/html

2606:4700:3037::ac43:9b6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imgurl.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 780e1aeb7b7dc46265725d8e533b91c03a863b07230acaaf0fa26751c4ba9602

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 867f891b7df44103-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 17:06:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V1R%2FdtefqjLTBVwPJMvGPrTd%2BYg4eBxnUO2kzwmyqWwiQ7ToWMHcCf99N1HXrEPC8%2B3shGU74q91kKue4lUKDqxhawuAeYAS7qxflNiAwjVta8WMU45FMp1rs7Njco%2FGM1RZJ00ns8iWinrnpA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Thu, 21 Mar 2024 17:06:56 GMT
ip: 81.95.5.35
location: https://www.imgurl.org/
server: nginx
x-c-code: EU
x-iso-code: DE

GET
H2 200 layui.css
www.imgurl.org/static/layui/css/ 118 KB
22 KB 216ms
215ms Stylesheet
text/css 2606:4700:3037::ac43:9b6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imgurl.org/static/layui/css/layui.css
Requested by: Host: www.imgurl.org
URL: https://www.imgurl.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 129c8ffbe2aa6b286c99954e68217e4699c440f9b3625a7581b402b0d05a3bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:06:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 09:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 231414
etag: W/"6565b401-1d863"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WAYR%2BQrMbQdWBnCpHOGbim6oWsFC4NnqWus9BD104dtLdvaVr2LMYQ3zIpthcKY35qih1LTMR5ybd36cOBXOHwSDeTl2LgNAdIkDfOvYJFSAstKVl%2BQtj0XYSQ0FIHD9BSPfgRMfsPIadGJ92A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 867f89214d444103-SIN
alt-svc: h3=":443"; ma=86400
expires: Tue, 26 Mar 2024 00:50:05 GMT

GET
H2 200 font-awesome.min.css
www.imgurl.org/static/font-awesome/css/ 30 KB
7 KB 190ms
189ms Stylesheet
text/css 2606:4700:3037::ac43:9b6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imgurl.org/static/font-awesome/css/font-awesome.min.css
Requested by: Host: www.imgurl.org
URL: https://www.imgurl.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:06:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 06:20:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 231414
etag: W/"654c7a42-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ih70yHZJOwBK7zBNvSu9RPl6eZo6NAFiv615W49l4QUMm4kVsFlCEdMQILMDRQMK9sSHlMPzu%2B3wt24KqI2QKUIoDvFww%2Bhn9IF9QUNVV9O3f6gx%2FElObOJLWVph2ik%2BCQSOJKYFN25AM9lkqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 867f89214d464103-SIN
alt-svc: h3=":443"; ma=86400
expires: Tue, 26 Mar 2024 00:50:05 GMT

GET
H2 200 style.css
www.imgurl.org/static/ 13 KB
4 KB 201ms
200ms Stylesheet
text/css 2606:4700:3037::ac43:9b6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imgurl.org/static/style.css?v=pro-v2.3.1-20231128
Requested by: Host: www.imgurl.org
URL: https://www.imgurl.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4274b9ab310490f74153e56fb8bd92346dc3ada706cbe5e4ffc8f8534b602f7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:06:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 09:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 231414
etag: W/"6565b401-34cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rx7YmbTiZHAVt5weUwcb5LRjoDPUS3Vf5xtzHXxfbg8F8qpSQitWEiqSreC7E78nYB5YIM0BOsAw2661aXZlF3udSlPfEMlTXsmyyfcU78HFr8UT%2By9tM0HdIubdi977m8SW6LrzpiMd0f0n%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 867f89214d484103-SIN
alt-svc: h3=":443"; ma=86400
expires: Tue, 26 Mar 2024 00:50:05 GMT

GET
H2 200 jquery.min.js Show response
www.imgurl.org/static/ 85 KB
31 KB 247ms
246ms Script
application/javascript 2606:4700:3037::ac43:9b6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imgurl.org/static/jquery.min.js
Requested by: Host: www.imgurl.org
URL: https://www.imgurl.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:06:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 06:20:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 231414
etag: W/"654c7a42-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WEoDWZklRpNaGOBJ2ER9LsqJZCyKPcdVVXUmG8Amf7Gm2WXz1QbG8RJPyWRl4KvzDqbH6vtk95ivx3Mw48NGMZP%2BELYVU5TxI%2BSOII0DH412PYxiIAg7p%2BhyHIHfI%2BaaSr2DfVZrz%2Fa%2FvPMIUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 867f89214d494103-SIN
alt-svc: h3=":443"; ma=86400
expires: Tue, 26 Mar 2024 00:50:05 GMT

GET
H2 200 clipboard.min.js Show response
www.imgurl.org/static/js/ 9 KB
3 KB 209ms
209ms Script
application/javascript 2606:4700:3037::ac43:9b6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imgurl.org/static/js/clipboard.min.js
Requested by: Host: www.imgurl.org
URL: https://www.imgurl.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:06:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 09:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 231414
etag: W/"6565b401-234a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Y4MPmsTR2DmNUM5Wt4XuhI2fvCMb17htlN6I8dFYUX5mIXq6td4uX9%2B%2FBEobQEr9Vh0OD5p9EHKRj5udgs7HjDha8FuiZ9sopa220iG2xfXySShOe4P8ACWa5VF08FL1NWMELCwqn%2BJWIHe3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 867f89214d4a4103-SIN
alt-svc: h3=":443"; ma=86400
expires: Tue, 26 Mar 2024 00:50:05 GMT

GET
H2 200 umami.js Show response
tj.rss.ink/ 3 KB
2 KB 1164ms
245ms Script
application/javascript 42.192.153.76
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://tj.rss.ink/umami.js

Requested by

Host: www.imgurl.org
URL: https://www.imgurl.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

42.192.153.76 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

ef16539c1d38c323f79d96e30ead5634e9d1ef6fe3edb28078291415ab43de35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:07:00 GMT
content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
content-encoding: gzip
last-modified: Thu, 26 Jan 2023 04:50:55 GMT
server: nginx
etag: W/"a6e-185ec6a1b98"
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-cache: EXPIRED
cache-control: max-age=43200
accept-ranges: bytes
expires: Fri, 22 Mar 2024 05:07:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 94ms
58ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1198592826613859

Requested by

Host: www.imgurl.org
URL: https://www.imgurl.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f4bba2904a5e344b8efbdcc6d5220fe392ba541a6dc7312ea1b9506e4107a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgurl.org/
Origin: https://www.imgurl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:06:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51335
x-xss-protection: 0
server: cafe
etag: 16898468851976551767
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 17:06:59 GMT

GET
H2 200 logo.png
www.imgurl.org/static/images/ 15 KB
16 KB 385ms
385ms Image
image/png 2606:4700:3037::ac43:9b6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgurl.org/static/images/logo.png
Requested by: Host: www.imgurl.org
URL: https://www.imgurl.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6020e60752915a02a3e276f11f42d938c5af82b12d9f6781b343210c47a01f92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:06:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 852043
alt-svc: h3=":443"; ma=86400
content-length: 15754
last-modified: Tue, 28 Nov 2023 09:33:53 GMT
server: cloudflare
etag: "6565b401-3d8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2Fedc7d9k5MOFsqdMDe4FDuYniYVvuQZDOkFVkQJdp0W564S5y0toSp8dXn489yx8BeprQTHcQsrOyH8mFhOGqh58QISYAbkTFsdo57Prt7kfvbvCYNNjpHr0UdT4Br56QXbJQAofR0APK5N8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 867f89214d4b4103-SIN
expires: Wed, 10 Apr 2024 20:26:15 GMT

GET
H2 200 PasteUpload.js Show response
www.imgurl.org/static/js/ 4 KB
2 KB 205ms
205ms Script
application/javascript 2606:4700:3037::ac43:9b6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imgurl.org/static/js/PasteUpload.js
Requested by: Host: www.imgurl.org
URL: https://www.imgurl.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31655356dc058a1082546efdc3dc474abc57135358dcaf4765ea505b42c6c1f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:06:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 09:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 220745
etag: W/"6565b401-110f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2F087mIXsgI6XYP1mgJPU7vq75k2Zw259ShtFtQH11NxjC5S0S0MJepADg4pOysqSREfzXEY8DCC%2BfGDBXeuSa7zsxgF3bAsbuLScOtxq1YMPpnkp54E3s7gGaxHkUtdT2%2F0Rq%2BSU%2F%2BIj3ygRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 867f89214d4d4103-SIN
alt-svc: h3=":443"; ma=86400
expires: Tue, 26 Mar 2024 03:47:54 GMT

GET
H3 200 layui.js Show response
www.imgurl.org/static/layui/ 328 KB
107 KB 28ms
28ms Script
application/javascript 2606:4700:3037::ac43:9b6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imgurl.org/static/layui/layui.js
Requested by: Host: www.imgurl.org
URL: https://www.imgurl.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af5a89677e0c353454cb9994c0c73bab3c354b7395d5934edb5be72e38947779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:06:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 09:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 49404
etag: W/"6565b401-51eb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IgtoH%2BSrWte%2BTwcxubQLFw5gbVN8%2FyxuvCqZzGTCyE6bMtMW3PRPMSyKOk%2Fo6uw%2F9XouWsBtEV9PKSO8YcECgydAA28WACqLj1lIlB2%2BmYlXIUZCRoKdWXvWsi5gEDQUn2h%2BfFK7WXpNWk1R8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 867f8921f8e66951-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 28 Mar 2024 03:23:35 GMT

GET
H3 200 embed.js Show response
www.imgurl.org/static/ 19 KB
5 KB 19ms
19ms Script
application/javascript 2606:4700:3037::ac43:9b6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imgurl.org/static/embed.js?v=pro-v2.3.1-20231128
Requested by: Host: www.imgurl.org
URL: https://www.imgurl.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbb01f76b884f635770f546419d3ea887bd47357068924d0978691bf98c9e2e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:06:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 09:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 49404
etag: W/"6565b401-4bc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YzyGveW2VOfOyuuMN2G%2FdBPK1IMA%2F7MSSIHWRHknLHAubnQnUqeodKQbdpsuynoVQHGNMqTsF7SoWybd63E0pDDLxr7gWekcKdrpD8CS0SpgF0tLNmMf1qx2x1EUrMwpGn3EtcmwY4QKRK%2BNBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 867f8922b98a6951-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 28 Mar 2024 03:23:35 GMT

GET
H3 200 clipBoard.min.js Show response
www.imgurl.org/static/ 2 KB
1 KB 16ms
15ms Script
application/javascript 2606:4700:3037::ac43:9b6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imgurl.org/static/clipBoard.min.js?v=1.40
Requested by: Host: www.imgurl.org
URL: https://www.imgurl.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cfd90b2b9759de132ecb2f27fbfc0260b0cbbefce124382cfcfcc74acc4c65a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:06:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 09:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 49404
etag: W/"6565b401-92f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ix6erhylVj6hOnZKTIWKW9pa6wlbgfvZFkTjrpkCNPDi%2Bt7ujPjpXXqnBeF4xBQQYxUn%2FrDoJiex0YEwy6qvRXzX68gNoT5fOSgYy%2BVV7%2FZpubmIr4SyaWLEHswXr6WXDfZ9uDTTH5EpM0uYOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 867f8922d9be6951-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 28 Mar 2024 03:23:35 GMT

GET
H2 200 jt84f3l58h Show response
www.clarity.ms/tag/ 650 B
1014 B 161ms
115ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jt84f3l58h
Requested by: Host: www.imgurl.org
URL: https://www.imgurl.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 764d6a085133ec16a727a033d52d4c7bd01c1fb2ddd5e5615d3b2b5dff7d7796

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: -1
date: Thu, 21 Mar 2024 17:06:59 GMT
x-azure-ref: 20240321T170659Z-dt5m8q66rd7t522cbrp8rmdt9800000002s0000000006rvg
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H3 200 luoye.jpg
www.imgurl.org/static/images/ 275 KB
276 KB 25ms
25ms Image
image/jpeg 2606:4700:3037::ac43:9b6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgurl.org/static/images/luoye.jpg
Requested by: Host: www.imgurl.org
URL: https://www.imgurl.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e18ed790d7d593ba6388f444e6606ecd4ce9fe171a503a8fa2fc3e9f93c3ba6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:06:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 681676
alt-svc: h3=":443"; ma=86400
content-length: 281867
last-modified: Tue, 28 Nov 2023 09:33:53 GMT
server: cloudflare
etag: "6565b401-44d0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dgRHeHFA%2FoUtcEUWThokF8u9o%2BjOEcjwg1mwu4Fam5%2BrLLhpXGinY80WCcQlnq%2BE6HDVt7RbauD2zMJd1te5aTQiibLJYUuW8gO6stfcANvDtTfAUSpR1C7oubon0Hhp2ANM%2B%2BsYc5AomXRJlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 867f89237a5c6951-FRA
expires: Fri, 12 Apr 2024 19:45:43 GMT

GET
H3 200 iconfont.woff2
www.imgurl.org/static/layui/font/ 29 KB
30 KB 309ms
309ms Font
font/woff2 2606:4700:3037::ac43:9b6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imgurl.org/static/layui/font/iconfont.woff2?v=282
Requested by: Host: www.imgurl.org
URL: https://www.imgurl.org/static/layui/css/layui.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91a49e0b91cfc94859c14e209f1ce4918adf6efc8714aab4f671bfdb7b18e8

Request headers

Referer: https://www.imgurl.org/static/layui/css/layui.css
Origin: https://www.imgurl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:07:00 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 28 Nov 2023 09:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6565b401-7428"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2F8H3mfbqRxkwzTXA2RvW%2BqW1wQg2pt3cqImXU4TMsyMBq8XoGET%2BDrFnUOkYGZxEMVKM9VvICTBdXny3rB%2F%2FbQOK5q6ydU4YThXZnD8Kzc4zTc2kZYQOaQ0sXOsYEEmyeA2zblK1eZI0%2Bk%2FxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 867f89237a5f6951-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29736

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 407 KB
138 KB 106ms
76ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1198592826613859

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41193689c350f873e11ca1b9443c21ce70eb2badff876c8086a55303dbe06d5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:06:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141440
x-xss-protection: 0
server: cafe
etag: 15241799176407462919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 17:06:59 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.24/ 60 KB
25 KB 22ms
22ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.24/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jt84f3l58h
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:06:59 GMT
content-encoding: br
last-modified: Tue, 19 Mar 2024 12:23:39 GMT
etag: W/"0x8DC480F6888504A"
vary: Accept-Encoding
x-azure-ref: 20240321T170659Z-dt5m8q66rd7t522cbrp8rmdt9800000002s0000000006rvs
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 8e055420-b01e-001e-480e-7ac203000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/ 56 KB
22 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abecb4abc386e0aecc184beae75635c71405b97988c2b8746cb16704d53f6935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 01:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22013
x-xss-protection: 0
server: cafe
etag: 9182826160011842025
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 01:56:53 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5484 403 KB
89 KB 726ms
702ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1198592826613859&output=html&adk=1812271804&adf=3025194257&lmt=1711040820&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x675_l%7C128x675_r&format=0x0&url=https%3A%2F%2Fwww.imgurl.org%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711040819860&bpp=8&bdt=555&idt=178&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1801939409264&rume=1&frm=20&pv=2&ga_vid=1943634338.1711040820&ga_sid=1711040820&ga_hid=1527565919&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95320378%2C31061691%2C31061692&oid=2&pvsid=3674499229139841&tmod=834587151&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1999fdb8cb96072b091c3a5a5af57aaa9ca9768bc325d3341be39aa88771b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgurl.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 90871
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 17:07:00 GMT
expires: Thu, 21 Mar 2024 17:07:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 38ms
38ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=footer&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.imgurl.org
URL: https://www.imgurl.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 17:07:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CF81 131 KB
44 KB 624ms
616ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1198592826613859&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1635088244~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1711040820&rafmt=1&to=qs&pwprc=8049717778&format=1200x280&url=https%3A%2F%2Fwww.imgurl.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711040819868&bpp=1&bdt=563&idt=203&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1801939409264&rume=1&frm=20&pv=1&ga_vid=1943634338.1711040820&ga_sid=1711040820&ga_hid=1527565919&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95320378%2C31061691%2C31061692&oid=2&pvsid=3674499229139841&tmod=834587151&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=206

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4060e2913f82faa5bbb8641e0456526a4f8d6bf946f7b90a6104159354b4985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgurl.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44439
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 17:07:00 GMT
expires: Thu, 21 Mar 2024 17:07:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
294 B 459ms
107ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.imgurl.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.imgurl.org
Date: Thu, 21 Mar 2024 17:07:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 84d2527241fb8c00ce4670060c5f1154.js Show response
www.gstatic.com/mysidia/ Frame CF81 9 KB
4 KB 34ms
11ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84d2527241fb8c00ce4670060c5f1154.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1198592826613859&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1635088244~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1711040820&rafmt=1&to=qs&pwprc=8049717778&format=1200x280&url=https%3A%2F%2Fwww.imgurl.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711040819868&bpp=1&bdt=563&idt=203&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1801939409264&rume=1&frm=20&pv=1&ga_vid=1943634338.1711040820&ga_sid=1711040820&ga_hid=1527565919&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95320378%2C31061691%2C31061692&oid=2&pvsid=3674499229139841&tmod=834587151&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dda19d2f601c81c0a9188a28302d431e76c49a29f8e0b2d300747b56b5077e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 08:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4075
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jun 2024 08:08:41 GMT

GET
H2 200 5e889db6e7c601e6c43ef17335854d80.js Show response
www.gstatic.com/mysidia/ Frame CF81 11 KB
5 KB 32ms
10ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5e889db6e7c601e6c43ef17335854d80.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f622ffc7f9346a175e8d7cbda6b4226324e3b75de37b0ad01607a34c337b589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 00:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4716
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 23:16:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jun 2024 00:55:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CF81 14 KB
2 KB 68ms
38ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 17:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 16:32:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 17:07:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame CF81 2 KB
902 B 14ms
12ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:22:39 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame CF81 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:20:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:20:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame CF81 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:21:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame CF81 20 KB
9 KB 35ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:21:10 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CF81 206 KB
62 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 16:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 17:58:51 GMT

GET
H2 200 ef5ce9b2b01bfb848267c2a4546556c1.js Show response
www.gstatic.com/mysidia/ Frame CF81 36 KB
15 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15234
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 23:16:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 14:39:56 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 132D 143 B
166 B 14ms
14ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1198592826613859&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1635088244~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1711040820&rafmt=1&to=qs&pwprc=8049717778&format=1200x280&url=https%3A%2F%2Fwww.imgurl.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711040819868&bpp=1&bdt=563&idt=203&shv=r20240319&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1801939409264&rume=1&frm=20&pv=1&ga_vid=1943634338.1711040820&ga_sid=1711040820&ga_hid=1527565919&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95320378%2C31061691%2C31061692&oid=2&pvsid=3674499229139841&tmod=834587151&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=206
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 16:30:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 167 KB
56 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c8918dfaab4935ed6bfe153985443720411393ef08d60fe2dfa879014e499cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57716
x-xss-protection: 0
server: cafe
etag: 11052497447230794595
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 17:07:00 GMT

GET
H2 200 ca-pub-1198592826613859 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 72ms
46ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1198592826613859?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43e3c2e3c479f1acf839b1fe261ac82e5d5ad6376be0dcb51ead2259de5d44f4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sHC2tOenvUkdsxD1cmf4gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:07:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-sHC2tOenvUkdsxD1cmf4gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTDseXSx_VsAg8WrdrKDADklzG1"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CF81 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01f72500527392e54f2bfe2adf01b66b51ed42280d32dbac935ad706179acccb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame CF81 33 KB
34 KB 36ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 219945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 04:01:15 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 132D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

17ms
17ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 17:07:00 GMT
expires: Thu, 21 Mar 2024 17:07:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 17:07:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CF81
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CkWn-NGn8ZaHhCvrEodAPq5SYwAfa14fobrKMw_rOD9nZHhABIJmlpiNg6wGgAfqotdADyAEBqQIbVNGnabCyPqgDAcgDywSqBMwBT9A9feceSMTJzIsgMUazPq237P7jC8ECEw4E1TYPhlu...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xacc03b769ab7eeb00000000000000000%22,%222%22:%220xbed9e48ec23068110000000000000000%22,%223%22:%220x466d9c...

0
0

65ms
40ms

Fetch
text/css

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xacc03b769ab7eeb00000000000000000%22,%222%22:%220xbed9e48ec23068110000000000000000%22,%223%22:%220x466d9cb3a1a4f5420000000000000000%22,%224%22:%220x5efbdbae1c4c15f00000000000000000%22,%225%22:%220x7b70e7e03020d4680000000000000000%22},%22debug_key%22:%221346728480611179792%22,%22debug_reporting%22:true,%22destination%22:%22https://meteomatics.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22973952122%22],%2222%22:[%22true%22],%224%22:[%2203-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218045342879414963937%22}&andc=true

Requested by

Host: www.imgurl.org
URL: https://www.imgurl.org/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:07:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xacc03b769ab7eeb00000000000000000","2":"0xbed9e48ec23068110000000000000000","3":"0x466d9cb3a1a4f5420000000000000000","4":"0x5efbdbae1c4c15f00000000000000000","5":"0x7b70e7e03020d4680000000000000000"},"debug_key":"1346728480611179792","debug_reporting":true,"destination":"https://meteomatics.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["973952122"],"22":["true"],"4":["03-21"],"6":["true"]},"priority":"500","source_event_id":"18045342879414963937"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Mar 2024 17:07:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Mar 2024 17:07:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xacc03b769ab7eeb00000000000000000","2":"0xbed9e48ec23068110000000000000000","3":"0x466d9cb3a1a4f5420000000000000000","4":"0x5efbdbae1c4c15f00000000000000000","5":"0x7b70e7e03020d4680000000000000000"},"debug_key":"1346728480611179792","debug_reporting":true,"destination":"https://meteomatics.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["973952122"],"22":["true"],"4":["03-21"],"6":["true"]},"priority":"500","source_event_id":"18045342879414963937"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/ Frame 2053 9 KB
4 KB 11ms
11ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgurl.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 23:20:17 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 23:20:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/ Frame 7D10 9 KB
4 KB 17ms
17ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgurl.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 23:20:17 GMT
etag: 5035419970550746386
expires: Wed, 03 Apr 2024 23:20:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxV0Lt1eVmNaiBnRwJ3U1EJMgy7KianbqeCFJPlg9DuDYZHrby2xJP6XdY7sVYzouETZXG7erHU7pCslRH5tsbzS7wKc0B9XEueDv8g0qOetvD4HFCkSko_MQ6lWFbDZcqMlwh5W8A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV0Lt1eVmNaiBnRwJ3U1EJMgy7KianbqeCFJPlg9DuDYZHrby2xJP6XdY7sVYzouETZXG7erHU7pCslRH5tsbzS7wKc0B9XEueDv8g0qOetvD4HFCkSko_MQ6lWFbDZcqMlwh5W8A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDQwODIwLDk5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaW1ndXJsLm9yZy8iLG51bGwsW1s4LCJfSDNDUUFVbVRlUSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de._H3CQAUmTeQ.es5.O/am=wA/d=1/rs=AJlcJMwB5L0zrJGoujKlLP48oSQFMgDyDQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0515eaa1c952a5500757a460e9d880ea0878b6f42369824dc3f5e34906eaa03b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HpOSHNrTDGEBr4dAnUQmjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:07:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-HpOSHNrTDGEBr4dAnUQmjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw1pBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAfHLBedaLQCzEzbH10sf1bAIbXrbwAgD91zYL"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js Show response
pagead2.googlesyndication.com/bg/ Frame E7DA 52 KB
20 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4474ffcd8d7b2fab2b1e6334a061f68acafb58025b80ee0f0f43acfb79518883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20381
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 07:46:36 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame CF81 64 KB
24 KB 163ms
9ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7ec617425e53734b944a1a1bf39f364f26f7c7398632c12c5b2d166e324e09d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 16:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1699
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24450
x-xss-protection: 0
server: cafe
etag: 12071440461849196005
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 17:38:42 GMT

GET
H3 200 84d2527241fb8c00ce4670060c5f1154.js Show response
www.gstatic.com/mysidia/ Frame 4FC3 9 KB
4 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84d2527241fb8c00ce4670060c5f1154.js?tag=client_fast_engine_2019

Requested by

Host: www.imgurl.org
URL: https://www.imgurl.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dda19d2f601c81c0a9188a28302d431e76c49a29f8e0b2d300747b56b5077e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 08:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4075
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jun 2024 08:08:41 GMT

GET
H3 200 7e3f20bc31b87098664e77733e0026f8.js Show response
www.gstatic.com/mysidia/ Frame 4FC3 146 KB
54 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7e3f20bc31b87098664e77733e0026f8.js?tag=video_mra/web_interstitial_raspberry_ms_cta_adjustment

Requested by

Host: www.imgurl.org
URL: https://www.imgurl.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9f6348fbf28ecae404b8b08c816579f564cd305f360f57f28c04631da7748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 08:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54889
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 16:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jun 2024 08:04:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4FC3 21 KB
1 KB 24ms
22ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600

Requested by

Host: www.imgurl.org
URL: https://www.imgurl.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

419c315057ded80663e34d54c0d0d116fa9fedafdd9210176496815e24bb9f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 17:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 16:35:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 17:07:01 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 4FC3 2 KB
822 B 13ms
12ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.imgurl.org
URL: https://www.imgurl.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:22:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame 4FC3 23 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Host: www.imgurl.org
URL: https://www.imgurl.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:20:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9979
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:20:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 4FC3 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.imgurl.org
URL: https://www.imgurl.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:21:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 4FC3 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.imgurl.org
URL: https://www.imgurl.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:21:10 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4FC3 206 KB
62 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.imgurl.org
URL: https://www.imgurl.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 16:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 17:58:51 GMT

GET
H3 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame 4FC3 36 KB
15 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.imgurl.org
URL: https://www.imgurl.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:45:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jun 2024 07:45:49 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame 2053 15 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:23:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6452
x-xss-protection: 0
server: cafe
etag: 12428443125520643955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:23:43 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2053 205 B
229 B 35ms
34ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:58:34 GMT
x-content-type-options: nosniff
age: 205707
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Mar 2025 07:58:34 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2053 604 B
628 B 36ms
35ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 20:17:01 GMT
x-content-type-options: nosniff
age: 247800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 18 Mar 2025 20:17:01 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/ Frame 2053 22 KB
9 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:23:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 499061885667062015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:23:43 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 87ms
44ms Preflight
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 17:07:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 84d2527241fb8c00ce4670060c5f1154.js Show response
www.gstatic.com/mysidia/ Frame 7D10 9 KB
4 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84d2527241fb8c00ce4670060c5f1154.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dda19d2f601c81c0a9188a28302d431e76c49a29f8e0b2d300747b56b5077e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 08:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4075
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jun 2024 08:08:41 GMT

GET
H3 200 86afce54da96dfe352c11602b6998f11.js Show response
www.gstatic.com/mysidia/ Frame 7D10 11 KB
5 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/86afce54da96dfe352c11602b6998f11.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e523e9fc2e53beabb15afb270ddae636243a27520b4263cb568750e31d9cb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 08:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 16:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jun 2024 08:10:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7D10 14 KB
1 KB 34ms
34ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 17:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 16:40:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 17:07:01 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 7D10 2 KB
822 B 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:22:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame 7D10 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:20:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9979
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:20:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 7D10 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:21:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 7D10 20 KB
8 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:21:10 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7D10 206 KB
62 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 16:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 17:58:51 GMT

GET
H3 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame 7D10 36 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:45:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jun 2024 07:45:49 GMT

GET
H3 200 AGSKWxUXAjK7dKXeFlvkqbtKxgFXycQDOufKqYtx3WBQHGz4D8-RJCYb66zMJw_xffXjWfQhrQDB8rhRs-NI6zuDZK3JKMgPbIgVMz5b0FxuK0TXh4a9vZcevTaSKnheZ6Z2ugQM0_pMZw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUXAjK7dKXeFlvkqbtKxgFXycQDOufKqYtx3WBQHGz4D8-RJCYb66zMJw_xffXjWfQhrQDB8rhRs-NI6zuDZK3JKMgPbIgVMz5b0FxuK0TXh4a9vZcevTaSKnheZ6Z2ugQM0_pMZw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDQwODIxLDcxMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiZGUiXSwiaHR0cHM6Ly93d3cuaW1ndXJsLm9yZy8iLG51bGwsW1s4LCJfSDNDUUFVbVRlUSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a0e5adfcdd6b1c1961ee679d9031907e490fd59a8bd7d071ecd584874e46321

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9y2pW_oEpmAnvrcOAOfq_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:07:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-9y2pW_oEpmAnvrcOAOfq_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTNsfXSx_VsAh82HdIHALWgMWo"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9FB 143 B
166 B 14ms
13ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 16:30:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js Show response
pagead2.googlesyndication.com/bg/ Frame A767 52 KB
20 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4474ffcd8d7b2fab2b1e6334a061f68acafb58025b80ee0f0f43acfb79518883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20381
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 07:46:36 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 4FC3 64 KB
24 KB 45ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7ec617425e53734b944a1a1bf39f364f26f7c7398632c12c5b2d166e324e09d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 16:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1699
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24450
x-xss-protection: 0
server: cafe
etag: 12071440461849196005
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 17:38:42 GMT

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
294 B 114ms
114ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.imgurl.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.imgurl.org
Date: Thu, 21 Mar 2024 17:07:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9FB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

18ms
18ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 17:07:01 GMT
expires: Thu, 21 Mar 2024 17:07:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 17:07:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame CF81 0
54 B 816ms
160ms Ping
image/gif 142.251.33.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lu1hiz79&chm=1&ctx=2&gqid=NGn8ZZjJBfjP1PIP9YmQ0Ac&qqid=CKHLoeLrhYUDFXpiCAQdKwoGeA&met.4=fb.j7~lb.kt~ol.oo~bdt.-le~bpp.-5q~idt.-4~dtd.-1~dt.-5r&met.3=492.kg_1~555.me~556.me_1~113.uk_2~112.uj_3&met.1=1.lu1hiycr~6.0~7.0~8.0~9.0~10.0~12.8~13.hc~14.hx~15.j1~16.mb~17.mb~18.mb~19.og~20.og~21.oo~22.ki~23.ki&met.7=CAUQCBgBMIUFOPgGaAlw8AR4w90CgAGX2wKIAeaVCLABAbgBAw~CBsQBxgBILEFKLEFMNQFOCM~CBsQBxgBILEFKLEFMNMFOCI~CBIQBxgBILEFKLEFMPYFOEVQsgVYzwVgugVozwVw9QV4pQyAAfkJiAHzcaoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CBwQChgBILEFKLEFMOcFODVo2QVw5gV4xwiAAZsGiAGIDbABAbgBAw~CBwQChgBILEFKLEFML0FOAxosgVwuQV40fUDgAGl8wOIAfHvDLABAbgBAw~CBwQChgBILEFKLEFMNUFOCRQsgVYygVgugVoygVw1AV4z0OAAaNBiAGInwGwAQG4AQM~CB4QChgBILEFKLEFMOoFODlo2gVw6QV4gAyAAdQJiAGBFbABAbgBAw~CAkQChgBILEFKLEFMOkFODho2gVw5wV4vkmAAZJHiAHVtwGwAQG4AQM~CBsQChgBILEFKLEFMOsFODk~CCgQBRgBIOIFKOIFMPIFOBBo4wVw8AV4vQOAAZEBiAGPAbABAbgBAw~CCgQChgBIKAHKKAHMMkIOKkBUJwIWLkIYKcIaLkIcMIIeK7BAYABgr8BiAHZggSwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.33.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sea30s10-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 17:07:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4FC3 0
234 B 810ms
159ms Ping
image/gif 142.251.33.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lu1hiz7h&chm=1&ctx=2&gqid=NGn8ZcbDBdnbx_APuMy8qAk&qqid=COnVoeLrhYUDFQn25wMd0A0B3g&met.4=fb.8~lb.1u~ol.2y~bdt.-1bf~bpp.-vs~idt.-r2~dtd.-qj~dt.-w0&met.3=492.1s_1~518.2q~555.2s~556.2s_1~113.4q_1~113.4r~112.4q_1&met.1=1.lu1hiz2s~14.1~15.0~16.1~17.1~18.1~19.1~20.1~21.1~1.lu1hiz1x~6.0~7.0~8.0~9.0~10.0~12.1~13.c~14.d~15.n~16.3s~17.3s~18.3s~19.3s~20.3s~21.3s&met.7=CCgQCBgBMAE4Ag~CBsQBxgBIAgoCDAsOCU~CBsQBxgBIAgoCDAtOCU~CBIQBxgBIAkoCTAiOBloCnAheJ0NgAHxCogBzKoBqgEZChdHb29nbGUgU2Fuczo0MDAsNTAwLDYwMLABAbgBAw~CBwQChgBIAkoCTAYOA5oCnAXeMcIgAGbBogBiA2wAQG4AQM~CAkQChgBIAkoCTAlOBtoC3AZeL5JgAGSR4gB1bcBsAEBuAED~CBwQChgBIAkoCTApOB9oC3AleM9DgAGjQYgBiJ8BsAEBuAED~CB4QChgBIAkoCTArOCJoC3AoeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIAkoCTArOCJoC3AYeNH1A4ABpfMDiAHx7wywAQG4AQM~CBsQChgBIAooCjAxOCg~CCgQChgBIHMoczCmATgzaJEBcKABeK7BAYABgr8BiAHZggSwAQG4AQM~CCgQCBgBMA04iAFoAXAMeOcigAG7IIgBmUegAeH__________wGwAQG4AQM~CEwQChgBICooKjBHOB1oLnBFeOA0gAG0MogByHagAeH__________wGwAQG4AQM~CBsQBhgBICsoKzBSOCc~CBsQBhgBICwoLDBSOCc~CEsQChgBICwoLDBKOB5oLnBFeMRJgAGYR4gBxq0BoAHh__________8BsAEBuAED
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.33.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sea30s10-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 17:07:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 collect
tj.rss.ink/api/ Frame 0
0 918ms
228ms Preflight 42.192.153.76
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://tj.rss.ink/api/collect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

42.192.153.76 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.imgurl.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache
content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
date: Thu, 21 Mar 2024 17:07:02 GMT
server: nginx
vary: Access-Control-Request-Headers
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN

POST
H2 200 collect Show response
tj.rss.ink/api/ 499 B
822 B 245ms
245ms Fetch
text/plain 42.192.153.76
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL

https://tj.rss.ink/api/collect

Requested by

Host: tj.rss.ink
URL: https://tj.rss.ink/umami.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

42.192.153.76 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

4bd5f05e7f2f19a86e9aec77b561039d5e040a823bbba768010eefe2256e4019

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.imgurl.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 17:07:02 GMT
content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
server: nginx
etag: "162w6ghpbhfdv"
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
content-type: text/plain
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: no-cache
content-length: 499

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=162C16C893154977A6C36554CCC810E0&RedC=c.clarity.ms&MXFR=15F43B3D212162952F482F7425216C8A
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=162C16C893154977A6C36554CCC810E0&MUID=10B0ACBA5440623005EBB8F355EC63F7

42 B
442 B

33ms
33ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=162C16C893154977A6C36554CCC810E0&MUID=10B0ACBA5440623005EBB8F355EC63F7
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 17:07:00 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 17:07:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FFE0363D0D3040CD8F64D63D37CEAEA4 Ref B: FRA31EDGE0107 Ref C: 2024-03-21T17:07:01Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=162C16C893154977A6C36554CCC810E0&MUID=10B0ACBA5440623005EBB8F355EC63F7
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 53ms
52ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240319&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c7cbb6ba8166905be912031d9d07813fdca7e19abe8768ebd68a7c4f405085e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12150
x-xss-protection: 0

GET
H3 200 RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js Show response
pagead2.googlesyndication.com/bg/ Frame C228 52 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RHT_zY17L6srHmM0oGH2isr7WAJbgO4PD0Os-3lRiIM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4474ffcd8d7b2fab2b1e6334a061f68acafb58025b80ee0f0f43acfb79518883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20381
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 07:46:36 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 7D10 64 KB
24 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240319/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7ec617425e53734b944a1a1bf39f364f26f7c7398632c12c5b2d166e324e09d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 16:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1699
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24450
x-xss-protection: 0
server: cafe
etag: 12071440461849196005
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 17:38:42 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7D10 0
54 B 731ms
160ms Ping
image/gif 142.251.33.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lu1hiz9q&chm=1&ctx=2&gqid=NGn8ZcbDBdnbx_APuMy8qAk&qqid=COzVoeLrhYUDFQn25wMd0A0B3g&met.4=fb.18~lb.33~ol.6k~bdt.-1ap~bpp.-v2~idt.-qc~dtd.-pt~dt.-va&met.3=200.17_2~492.31_1~555.41~556.41~113.7o~112.7o_1&met.1=1.lu1hiz22~6.0~7.0~8.0~9.0~10.0~12.6~13.n~14.15~15.13~16.3y~17.3y~18.3y~19.6f~20.6f~21.6k&met.7=CCgQCBgBMCg47AFoBnAXeOcigAG7IIgBmUewAQG4AQM~CBsQBxgBICwoLDBHOBw~CBsQBxgBICwoLDBKOB8~CBIQBxgBIC0oLTBQOCNoLXBPeKUMgAH5CYgB83GqARUKE0dvb2dsZSBTYW5zOjQwMCw1MDCwAQG4AQM~CBwQChgBIC0oLTBCOBVoLXA-eM9DgAGjQYgBiJ8BsAEBuAED~CBwQChgBIC0oLTBeODFoVnBceMcIgAGbBogBiA2wAQG4AQM~CB4QChgBIC0oLTB0OEdoa3BzeIAMgAHUCYgBgRWwAQG4AQM~CAkQChgBIC0oLTBwOENoZ3BueL5JgAGSR4gB1bcBsAEBuAED~CBwQChgBIC0oLTBNOCBoLXBGeNH1A4ABpfMDiAHx7wywAQG4AQM~CBsQChgBIC0oLTB7OE4~CCgQBRgBIG4objB-OBBocHB8eL0DgAGRAYgBjwGwAQG4AQM~CCgQChgBIO0BKO0BMPkBOAxo7gFw9gF4rsEBgAGCvwGIAdmCBLABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.33.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sea30s10-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 17:07:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 17:07:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2B52 13 KB
5 KB 17ms
17ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgurl.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 10:29:36 GMT
expires: Fri, 21 Mar 2025 10:29:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 715D 829 B
559 B 52ms
51ms Document
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9382232adf08384d0936dfc19cac3c34b65f16e91b1a6ff063b52d3ff720efce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mRoxVQMJtj1ouXgEbqeRQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imgurl.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mRoxVQMJtj1ouXgEbqeRQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 17:07:01 GMT
expires: Thu, 21 Mar 2024 17:07:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B52 40 KB
16 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 09:58:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 715D 0
0 46ms
46ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240319&jk=3674499229139841&rc=
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2B52 0
10 B 15ms
14ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IuoIkA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:07:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 adserver Show response
fundingchoicesmessages.google.com/f/AGSKWxVeoZwGg_rSOxLxb5dxh7GwTx_veEhmQkzkj0G0-CQAJit2XvDPuIg99PveT7u-HOEuLe8L3KIWgwwMvE4q7cYggvcYZuavG2pOlV4HDRflf3T0uuluW2Khg6cfzTXtFqKM-DE_mQ7DPLg66y8nPyUDwQvfS... 54 B
110 B 20ms
20ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVeoZwGg_rSOxLxb5dxh7GwTx_veEhmQkzkj0G0-CQAJit2XvDPuIg99PveT7u-HOEuLe8L3KIWgwwMvE4q7cYggvcYZuavG2pOlV4HDRflf3T0uuluW2Khg6cfzTXtFqKM-DE_mQ7DPLg66y8nPyUDwQvfSY9T7uytiFflgyxpVW0xx3C60sEpM_0f/_/ad_feed./adserver?/skinad._120x600_/adlift4.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de._H3CQAUmTeQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMx0iLwDCYe0EVVe9QxO82tVfizEOQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c54d13f6403ea9746cc139a6772aebd27961e4869e08b407a7a931a7982b934

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IBGvg8BEpJ55rY9W5D1JaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:07:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-IBGvg8BEpJ55rY9W5D1JaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTDsfXSx_VsAg13pz9lAgDmgDGz"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
82 B 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 16:41:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 17:41:45 GMT

POST
H3 204 AGSKWxXfcpMCmKgYBqpiryZK8IDkXh8jeDKB_TEY0krd8xgAzVuEkfi-BFXBX09qSg8R4RVSaUv68jopbDQ8D5VAIt6ffj8S7r2LgOGXxu3D_TkSUcoDNnOKRDYvRkAc9gqPSS2_JVndog== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 44ms
21ms XHR
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXfcpMCmKgYBqpiryZK8IDkXh8jeDKB_TEY0krd8xgAzVuEkfi-BFXBX09qSg8R4RVSaUv68jopbDQ8D5VAIt6ffj8S7r2LgOGXxu3D_TkSUcoDNnOKRDYvRkAc9gqPSS2_JVndog==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_g6sLxdeRj74r0vdRwy33g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.imgurl.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 17:07:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-_g6sLxdeRj74r0vdRwy33g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBiqGV4xtQKxE7pM1gDgFiIh2PrpY_r2QQW_Jv_gQkAyS0M9A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.imgurl.org
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXfcpMCmKgYBqpiryZK8IDkXh8jeDKB_TEY0krd8xgAzVuEkfi-BFXBX09qSg8R4RVSaUv68jopbDQ8D5VAIt6ffj8S7r2LgOGXxu3D_TkSUcoDNnOKRDYvRkAc9gqPSS2_JVndog== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 27ms
26ms XHR
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXfcpMCmKgYBqpiryZK8IDkXh8jeDKB_TEY0krd8xgAzVuEkfi-BFXBX09qSg8R4RVSaUv68jopbDQ8D5VAIt6ffj8S7r2LgOGXxu3D_TkSUcoDNnOKRDYvRkAc9gqPSS2_JVndog==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PwmZyZcgxj3xA6LmiYEeiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.imgurl.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 17:07:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PwmZyZcgxj3xA6LmiYEeiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw15BiqGV4xtQKxE7pM1gDgFiIh2PrpY_r2QQaNs-YzAwAxxsMKg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.imgurl.org
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXfcpMCmKgYBqpiryZK8IDkXh8jeDKB_TEY0krd8xgAzVuEkfi-BFXBX09qSg8R4RVSaUv68jopbDQ8D5VAIt6ffj8S7r2LgOGXxu3D_TkSUcoDNnOKRDYvRkAc9gqPSS2_JVndog== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 25ms
25ms XHR
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXfcpMCmKgYBqpiryZK8IDkXh8jeDKB_TEY0krd8xgAzVuEkfi-BFXBX09qSg8R4RVSaUv68jopbDQ8D5VAIt6ffj8S7r2LgOGXxu3D_TkSUcoDNnOKRDYvRkAc9gqPSS2_JVndog==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FvYSYFmEDolEdkkMTXYoQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.imgurl.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 17:07:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FvYSYFmEDolEdkkMTXYoQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw05BiqGV4xtQKxE7pM1gDgFiIh2PrpY_r2QRmvLsxiRkAyRsMuw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.imgurl.org
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXfcpMCmKgYBqpiryZK8IDkXh8jeDKB_TEY0krd8xgAzVuEkfi-BFXBX09qSg8R4RVSaUv68jopbDQ8D5VAIt6ffj8S7r2LgOGXxu3D_TkSUcoDNnOKRDYvRkAc9gqPSS2_JVndog== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 26ms
25ms XHR
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXfcpMCmKgYBqpiryZK8IDkXh8jeDKB_TEY0krd8xgAzVuEkfi-BFXBX09qSg8R4RVSaUv68jopbDQ8D5VAIt6ffj8S7r2LgOGXxu3D_TkSUcoDNnOKRDYvRkAc9gqPSS2_JVndog==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EB0p3U5BC8VvmZIStps2Tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.imgurl.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 17:07:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EB0p3U5BC8VvmZIStps2Tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1gDgFiIh2PrpY_r2QRmTJs_mRkAyEQMNA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.imgurl.org
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWZMwNH0dQOmcOca3nNxRTYv1lIGoLJ0QES3kOE5mXr49lVG9fUJ7lCVQpnGIQKktwnbKpOylZHDodFNBUQqtq6npklehfD8xX2jNV0h4M-7iXhX8Mc3doB6Yao5N1djwSmIRFmLg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWZMwNH0dQOmcOca3nNxRTYv1lIGoLJ0QES3kOE5mXr49lVG9fUJ7lCVQpnGIQKktwnbKpOylZHDodFNBUQqtq6npklehfD8xX2jNV0h4M-7iXhX8Mc3doB6Yao5N1djwSmIRFmLg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMDQwODIxLDgzNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZGUiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuaW1ndXJsLm9yZy8iLG51bGwsW1s4LCJfSDNDUUFVbVRlUSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df7fdf75c195ebbeded7a9a0851012aeab4292bd2752a73a2b68a2cae502d48f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wdUB_3SpIsfQcMX514z-gQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:07:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wdUB_3SpIsfQcMX514z-gQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTDsfXSx_VsAgvWHprODADgfDF0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVTXJzZ6jimJQP-Xn4njfYjgLDm4AldW1pJQg9xzCw5eHq58nBNGKfc7F2wjSVItYuF7mrWPTnFDXf9XHAW5X66a2Sm8sS7lw8OmuNwR8WhpTOyJLjRfjoMAGuQnCg65UI8IXq8lQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 26ms
26ms XHR
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVTXJzZ6jimJQP-Xn4njfYjgLDm4AldW1pJQg9xzCw5eHq58nBNGKfc7F2wjSVItYuF7mrWPTnFDXf9XHAW5X66a2Sm8sS7lw8OmuNwR8WhpTOyJLjRfjoMAGuQnCg65UI8IXq8lQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7cfaMeTFWO1yZK5brpayMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.imgurl.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 17:07:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7cfaMeTFWO1yZK5brpayMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBiqGV4xtQKxE7pM1gDgFiIh2PrpY_r2QQedPYvZQYAx5AMYw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.imgurl.org
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXfcpMCmKgYBqpiryZK8IDkXh8jeDKB_TEY0krd8xgAzVuEkfi-BFXBX09qSg8R4RVSaUv68jopbDQ8D5VAIt6ffj8S7r2LgOGXxu3D_TkSUcoDNnOKRDYvRkAc9gqPSS2_JVndog== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 24ms
23ms XHR
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXfcpMCmKgYBqpiryZK8IDkXh8jeDKB_TEY0krd8xgAzVuEkfi-BFXBX09qSg8R4RVSaUv68jopbDQ8D5VAIt6ffj8S7r2LgOGXxu3D_TkSUcoDNnOKRDYvRkAc9gqPSS2_JVndog==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Vb8fwtT9jaDKLeWn1RNiCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.imgurl.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Mar 2024 17:07:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-Vb8fwtT9jaDKLeWn1RNiCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0ZBiqGV4xtQKxE7pM1gDgFiIh2PrpY_r2QQmPH6zhBkAyfMM1A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.imgurl.org
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
40ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240319&jk=3674499229139841&bg=!-vml-bbNAAZaswqNerM7ADQBe5WfON_JHM1CrjbBDYjmMxfRmM8wXQ6d_8q6XbJquBGtgpPsxt6FnXxyJ7HQ9k_MFLKLAgAAAC5SAAAAAmgBB34ANXxMU5kTjoxjdE1cwNativMiiIp5qyUe_--BHSYlNz1OXtwjTLLojOA5uns5GY14-wFn4jYNmQJ6ZnL60w0tBrwhBR1lBkaM-TxdA_LYvVPPIRaCiz7dMsoRadoXWN-pnlQYIPAsMwxEK7TZyFfe9ZapQv20k3KTrkD9otL3I4QwjjlZhdxmHwFk26Kk6TGzpcxPOmI7NYxUuYRYnp8oh3D9gPMkKY9S0acyZcQBVSUV4fThXtXYsNSZ9fIlup3xrymtXQZGZ9mYkZhUK5buQ1XoBB52-po9oyrpzKQM7i1BFAM9yoBgshfgYi0D5KhYcylF-bfBejgP916KTRIfvZQfFmSSOQ4TDsmrNjD7Z01NHkZM9rEP9EsxdROcG-M09q0w3yzbkpb-tnFbYZ7W0tP6Hz4WS3Y_x-rtLCVBJbXyI7R-jil-wSuNPSbNEs-FEM8Gr1cgXN_k289T155OWMYClNhqBBUfLG3AsjXrls_72wGB1YTfewipjBmr1gdodZMcvaKxSAr4prquhMmjiTzSmMO6qT710HKMCQS7kfiSPfn222cKocbTNxMJ4exAVOzcdfjPoPAYCSRCEyDzjkeKd5N5yFi9k0Hb9gvs7d5eQ69rpV37kUHnzCWmAWNgf838HX7uVvBvAQk14eiEfa1ZqkF5l6UWaYste1DWbct5JSg-J_qQSRgO9Ol9rZJ0TdlEADEaRDA4nv8b86_9YzT-dpqNsx3GiC1YyogveBv21KyhWq7EQrSLiRtGy3cMBrJO78NnTTr8fDFGCq13t06pGxpZL_iCr4NxY6eCRGKMQo7r3GyD94hLXjghyziXmiYGbeJKqTZYEySsVXh7uGBhe8ViF3vWTsTaO2mM0UoLTkBLoW-AwMw0-3EWMSfjFyLcXRA4NkD_mnlqP7pRyqcjvg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF81 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstB2YkL0gfV9VeLkKCGaJ-cqb9G8HQqUU99bvJ49_9HP8ARn586BOtk3pnbOPvUxixQa_WAPS71aBnu2iaORM9JPB7dFjrBcasY7b1J4FU1R7RCE_Tj_F5oOR5rlYok9V2JRwCNBsCQunB7I_1BH2Tpzr5eXBvbhDI&sai=AMfl-YQI-yXaT3I3DFDnxBrHVJYJRyhzfKxyA3Iqi9AUav8UDuW0cbrjPUiNn38fBpeuGW5nhBQYHny4Zj6xafpeYJuMrwwKPKknf7RCxN3rXfGQ2meW6aDWmVo_u3adaKtvMYzfXPnZDOAtE8tahxtK&sig=Cg0ArKJSzJct6E8c3QeqEAE&cid=CAQSTgB7FLtq1fBX1DO3G-UdECu4nvO1y0JF334NNsGwcxBiWUSEFLgsJR7XepoyuGzXPZRk9Q73rKprl1qm-KTdspNDw1uKS3TlbRf--Fd3KxgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3809598800&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=697362000&rst=1711040820075&rpt=885&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 17:07:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 162ms
161ms Ping
image/gif 142.251.33.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lu1hiyd4&c=3674499229139841&e=44759876%2C44759927%2C44759842%2C44795922%2C95320378%2C31061691%2C31061692&ctx=1&met.3=1000.4mn_5__1~782.4mn_5~1001.4mm_6__1~164.4ms~165.4ml_8~247.4mt~248.4mu~164.4mu~165.4mt_1~166.4me_g~1032.4rj~326.4rk_1~832.4rl~868.4rl~216.4rj_3~215.4rj_3~843.4ri_4~889.4s0~639.4sc~1032.4sg~326.4sh~832.4sh~868.4sh~216.4sg_1~215.4sg_1~889.4si~639.4sr~112.4sx_1~429.5e7_1~993.5ef_1__3~992.5eg__3~994.5eh__3~991.5ee_2__3~990.5e9_8__3~353.5e8_9~168.5ek~168.5ek~168.5ek~168.5ek~168.5ek_1~168.5ek_1~453.5en~754.5eo__8~995.5eo_1__8~998.5en_1__8~453.5eo~754.5ep__b~995.5ep_1__b~998.5eo_1__b~453.5eq~754.5eq__e~995.5eq__e~998.5eq__e~453.5eq~453.5eq~453.5eq~454.5er~454.5er~454.5er~453.5er~753.5es~210.5g1_1~1032.5g2~326.5g2~832.5g2~868.5g2~164.5g2_1~165.5g2_1~466.5g2_1~1032.5g3~326.5g3~832.5g4~868.5g4~164.5g3_1~165.5g3_1~466.5g3_1~522.5g1_2~525.5hp_6~1013.5hw~525.5hv_3~639.5i9~639.5i9~168.5lb~168.5lb~168.5lb~168.5lb~168.5lb~168.5lb~168.5lb~168.5lb~168.5lb~168.5lb~952.5ld~168.5lj~168.5lj~168.5lj~168.5lj~168.5lj~168.5lj~168.5lj~168.5lj~168.5lk~168.5lk~273.5of~113.5oh&met.1=1.lu1hitk7~6.1w9~7.37l~8.37l~9.37l~10.3ha~11.3cg~12.3ha~13.474~14.475~15.476~16.4js~17.4js~18.4jt~19.5of~20.5og~21.5og~22.4jz~23.4jz
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.33.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sea30s10-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgurl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 17:07:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
294 B 99ms
99ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.imgurl.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.imgurl.org
Date: Thu, 21 Mar 2024 17:07:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 04:02:56	Name: CLID Value: b80385913e1b48a1be6cb411364e2fe8.20240321.20250321
.imgurl.org/	1970-01-21 04:02:56	Name: _clck Value: 1wp6lhv%7C2%7Cfk9%7C0%7C1541
.imgurl.org/	1970-01-20 19:18:47	Name: _clsk Value: 1vyg54h%7C1711040820547%7C1%7C1%7Ck.clarity.ms%2Fcollect
.imgurl.org/	1970-01-21 04:38:56	Name: __gads Value: ID=2f1c9e9395638e54:T=1711040820:RT=1711040820:S=ALNI_MYx6aDUhEYZ-s5ZjKOpk2zZh6GTxA
.imgurl.org/	1970-01-21 04:38:56	Name: __gpi Value: UID=00000d7867d302e1:T=1711040820:RT=1711040820:S=ALNI_MbGKGyspaEhyK8hFnNdhpY2xabFcA
.imgurl.org/	1970-01-20 23:36:32	Name: __eoi Value: ID=769743c79f611191:T=1711040820:RT=1711040820:S=AA-AfjZVx6A0MUAl1yzRyjP6wdvL
.doubleclick.net/	1970-01-20 19:17:24	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 04:53:20	Name: IDE Value: AHWqTUloUzK2kraxJY116NEgQCWPlaGyuOydh8Tf9yNsEeU7vrQZ0F4y9exT8PxO2HA
.googleadservices.com/	1970-01-20 21:26:56	Name: ar_debug Value: 1
.bing.com/	1970-01-21 04:38:56	Name: MUID Value: 10B0ACBA5440623005EBB8F355EC63F7
.c.bing.com/	1970-01-20 19:27:25	Name: MR Value: 0
.c.bing.com/	1970-01-21 04:38:56	Name: SRM_B Value: 10B0ACBA5440623005EBB8F355EC63F7
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 04:38:56	Name: MUID Value: 10B0ACBA5440623005EBB8F355EC63F7
.c.clarity.ms/	1970-01-20 19:27:25	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:17:21	Name: ANONCHK Value: 0
.imgurl.org/	1970-01-21 04:02:56	Name: FCNEC Value: %5B%5B%22AKsRol8guVpZK6h7ycxW_1SGbycUCatw3pOX8g9M1RxdhvDnVvb93OOZ5L6E1yTbW-vbLbJcGpAjP0yi2cmylKgRB_nOCqjpI3XyXYL7d8WA_DnfO3S0VTDgrUBW366XAFO28VIRuie8dfZ-eoDs-ys1Td2BE2bnDA%3D%3D%22%5D%5D

39 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgurl.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
imgurl.org
k.clarity.ms
pagead2.googlesyndication.com
s3.bmp.ovh
securepubads.g.doubleclick.net
tj.rss.ink
tpc.googlesyndication.com
www.clarity.ms
www.google.com
www.googleadservices.com
www.gstatic.com
www.imgurl.org
142.251.33.99
142.54.162.36
172.217.16.130
194.13.80.102
20.96.88.162
2606:4700:3037::ac43:9b6e
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:828::200e
42.192.153.76
68.219.88.97
01f72500527392e54f2bfe2adf01b66b51ed42280d32dbac935ad706179acccb
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
0515eaa1c952a5500757a460e9d880ea0878b6f42369824dc3f5e34906eaa03b
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0f622ffc7f9346a175e8d7cbda6b4226324e3b75de37b0ad01607a34c337b589
129c8ffbe2aa6b286c99954e68217e4699c440f9b3625a7581b402b0d05a3bda
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31655356dc058a1082546efdc3dc474abc57135358dcaf4765ea505b42c6c1f1
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc
41193689c350f873e11ca1b9443c21ce70eb2badff876c8086a55303dbe06d5c
419c315057ded80663e34d54c0d0d116fa9fedafdd9210176496815e24bb9f74
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4274b9ab310490f74153e56fb8bd92346dc3ada706cbe5e4ffc8f8534b602f7d
43e3c2e3c479f1acf839b1fe261ac82e5d5ad6376be0dcb51ead2259de5d44f4
4474ffcd8d7b2fab2b1e6334a061f68acafb58025b80ee0f0f43acfb79518883
4bd5f05e7f2f19a86e9aec77b561039d5e040a823bbba768010eefe2256e4019
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c8918dfaab4935ed6bfe153985443720411393ef08d60fe2dfa879014e499cd
5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6
6020e60752915a02a3e276f11f42d938c5af82b12d9f6781b343210c47a01f92
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
764d6a085133ec16a727a033d52d4c7bd01c1fb2ddd5e5615d3b2b5dff7d7796
780e1aeb7b7dc46265725d8e533b91c03a863b07230acaaf0fa26751c4ba9602
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c54d13f6403ea9746cc139a6772aebd27961e4869e08b407a7a931a7982b934
8c7cbb6ba8166905be912031d9d07813fdca7e19abe8768ebd68a7c4f405085e
8f4bba2904a5e344b8efbdcc6d5220fe392ba541a6dc7312ea1b9506e4107a21
9382232adf08384d0936dfc19cac3c34b65f16e91b1a6ff063b52d3ff720efce
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a0e5adfcdd6b1c1961ee679d9031907e490fd59a8bd7d071ecd584874e46321
9cfd90b2b9759de132ecb2f27fbfc0260b0cbbefce124382cfcfcc74acc4c65a
a5e523e9fc2e53beabb15afb270ddae636243a27520b4263cb568750e31d9cb9
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a7ec617425e53734b944a1a1bf39f364f26f7c7398632c12c5b2d166e324e09d
abecb4abc386e0aecc184beae75635c71405b97988c2b8746cb16704d53f6935
af5a89677e0c353454cb9994c0c73bab3c354b7395d5934edb5be72e38947779
b1999fdb8cb96072b091c3a5a5af57aaa9ca9768bc325d3341be39aa88771b1c
baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c9f6348fbf28ecae404b8b08c816579f564cd305f360f57f28c04631da7748a9
cbb01f76b884f635770f546419d3ea887bd47357068924d0978691bf98c9e2e2
ce91a49e0b91cfc94859c14e209f1ce4918adf6efc8714aab4f671bfdb7b18e8
dda19d2f601c81c0a9188a28302d431e76c49a29f8e0b2d300747b56b5077e71
df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
df7fdf75c195ebbeded7a9a0851012aeab4292bd2752a73a2b68a2cae502d48f
e18ed790d7d593ba6388f444e6606ecd4ce9fe171a503a8fa2fc3e9f93c3ba6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4060e2913f82faa5bbb8641e0456526a4f8d6bf946f7b90a6104159354b4985
ef16539c1d38c323f79d96e30ead5634e9d1ef6fe3edb28078291415ab43de35
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.imgurl.org Open in urlscan Pro 2606:4700:3037::ac43:9b6e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

98 %HTTPS

61 %IPv6

11 Domains

19 Subdomains

16 IPs

4 Countries

1608 kBTransfer

4151 kBSize

17 Cookies

9 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.imgurl.org Open in urlscan Pro
2606:4700:3037::ac43:9b6e Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

98 %
HTTPS

61 %
IPv6

11
Domains

19
Subdomains

16
IPs

4
Countries

1608 kB
Transfer

4151 kB
Size

17
Cookies

100 HTTP transactions
1 data transactions