imgsed.com Open in urlscan Pro
2606:4700:20::681a:b84 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://imgsed.com/
Submission: On September 04 via api (September 4th 2023, 8:08:34 pm UTC) from US — Scanned from DE

Summary HTTP 155 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 32 IPs in 7 countries across 27 domains to perform 155 HTTP transactions. The main IP is 2606:4700:20::681a:b84, located in United States and belongs to CLOUDFLARENET, US. The main domain is imgsed.com. The Cisco Umbrella rank of the primary domain is 414823.
TLS certificate: Issued by GTS CA 1P5 on August 5th 2023. Valid for: 3 months.

This is the only time imgsed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:20:... 2606:4700:20::681a:b84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 24	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:e400:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
14	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	108.139.243.81 108.139.243.81	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	34.251.225.99 34.251.225.99	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
20	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	35.156.208.169 35.156.208.169	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
4 4	50.31.142.159 50.31.142.159	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1 1	54.160.39.45 54.160.39.45	14618 (AMAZON-AES) (AMAZON-AES)
2 2	216.52.2.6 216.52.2.6	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	52.193.101.23 52.193.101.23	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
155	32

4 2606:4700:20::681a:b84 (United States)

ASN13335 (CLOUDFLARENET, US)

imgsed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1.imgsed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:e400:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.243.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-81.mxp63.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.225.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-225-99.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.208.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-208-169.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.232 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.31.142.159 (Naperville, United States) 4 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.160.39.45 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-39-45.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.6 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.193.101.23 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-101-23.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	criteo.net static.criteo.net — Cisco Umbrella Rank: 603 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10696 csm.eu.criteo.net — Cisco Umbrella Rank: 10389	209 KB
33	googlesyndication.com abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 150	176 KB
23	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 cm.g.doubleclick.net — Cisco Umbrella Rank: 237	251 KB
22	demand.supply live.demand.supply — Cisco Umbrella Rank: 39979	41 KB
6	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 426 mug.criteo.com — Cisco Umbrella Rank: 2631 ads.eu.criteo.com — Cisco Umbrella Rank: 10282 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 19450 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 11410	72 KB
4	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 546	2 KB
4	gstatic.com www.gstatic.com	43 KB
4	imgsed.com imgsed.com — Cisco Umbrella Rank: 414823 s1.imgsed.com — Cisco Umbrella Rank: 731153	12 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 149
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 659	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 591	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 791	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214 Failed	114 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 755 id5-sync.com — Cisco Umbrella Rank: 400	27 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 809 bcp.crwdcntrl.net — Cisco Umbrella Rank: 776	12 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2547	304 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	5 KB
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 7689	44 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 716	1 KB
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 756	463 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 342	146 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1403	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1732	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	89 KB
0	aura-dsp.com Failed sync-dmp.aura-dsp.com Failed
155	27

	Domain	Requested by
22	imageproxy.eu.criteo.net	ads.eu.criteo.com
22	live.demand.supply	imgsed.com live.demand.supply client
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com www.gstatic.com
14	static.criteo.net	securepubads.g.doubleclick.net ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
14	securepubads.g.doubleclick.net	1 redirects live.demand.supply securepubads.g.doubleclick.net imgsed.com abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com www.googletagservices.com
9	cm.g.doubleclick.net	abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
4	b1sync.zemanta.com	4 redirects
4	www.gstatic.com	abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
3	www.google.com	tpc.googlesyndication.com abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
3	abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	s1.imgsed.com	imgsed.com s1.imgsed.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	www.googleadservices.com
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	um.simpli.fi	2 redirects
2	www.googletagservices.com	securepubads.g.doubleclick.net abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	region1.google-analytics.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	cc.adingo.jp	abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
1	sync.srv.stackadapt.com	1 redirects
1	cms.quantserve.com	abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
1	rtb.fr3.eu.criteo.com	abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
1	x.bidswitch.net	abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
1	ads.eu.criteo.com	abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	imgsed.com
1	imgsed.com
0	sync-dmp.aura-dsp.com Failed	abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
155	39

This site contains links to these domains. Also see Links.

Domain
sulvo.com

Subject Issuer	Validity	Valid
imgsed.com GTS CA 1P5	`2023-08-05` - `2023-11-03`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://imgsed.com/
Frame ID: 41BF6708F372E78D10BE7F3B71C59A64
Requests: 53 HTTP requests in this frame

Frame: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4540F6D4B0106E0DDA77B397C2BE0CCA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=imgsed.com
Frame ID: 39CA5F1EF9D8426CD76BFC1BEA05362F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 236F422F5EFC4832D38818347D22572B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F45E2BCFB1FB868715247170CE30E80B
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuh1Ymz_bKkmGaNx8zojbQ5bUzw3e_rxDZ9FO7mcouDxVQ0nS4yUpEN8sb0YZrttYK9e9XWFsCUxURtl-CoE1QqwTtYwgroFIY4RBa-6mqdrJISJC-Nrlfp7AvAtJQ_bWcC9a8oJAfNbDQbRACphyPein3y2GfG4WGI5axStWfousLuOMd7yShokBgQlOtbBXngsNrTVNPGCgP7PTNbEE6h4Uwdxjom5gK35cysnijXBcYZ92agHhXzAIlywFEnhirQVuv2PXhUDoNE68GUNWIjKDWkO3wFFjQxpme595fxhjc2tyh8XHzaKpNixqwc-FjKf1ngq0gunwFvp9fDCbHJtn70O2oyCN7soDhOoLbh6jbBpgQsVhQfwKUnud87AB-ZfTSzx2tl&sai=AMfl-YRR4o_p6gO8yHgAjwbhqn9x6Q4QOjK1jVDKJh3TzffwAC2QHY3wnWqrtLnZ19FcoXgTjvLKEtz1VopzcP40fRb0gmQeEtzutu4miFDb98notF0-0IfjpJq-jW3bhbfb3_GKMyZ-ey8E4xEJ7kx0&sig=Cg0ArKJSzAfPm_-jgFYREAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EDAEB58AC3E1A51229F7D2A6D5F5D5B3
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIxYcTv-ZhBdzCVE_Va0822NoBelop2eqAWMEWkQgShf6krQGT4HlmzWuvt_OGfcECOgD-I-CyRVABDwucTaWA3zB_ceVVrarft0FfFQCBrRtt0P1cNSWmtD_vclq0vv21j9ojeX62QNi16lDgnu3kY2BvMezGHr3iDpBenfHDW08ddL4UcUt5NZ4dEsKc3-1pLVGg5MKXn3vPxlS8OeRvg4O2Cwxl6POWhk3TsO4jMCYw-_p3B6CqNZ_4SC1eGpSgRchxPlcPrmro0AlibXdz-iqse1SntT7jnGMTVGZogNFwxBsmqoO20WbXdqFVUs0J6HznC2Mh7zNmg055pMkXcZq7UhMq0p8yh4nninrWh0h3191Bru39eMIyMO8oLqkEoV4vDhDO&sai=AMfl-YTCF_exjjgJsK-m_xidBXpZl7eLfa87ViSJIQZ-7VrVEJEt-9GJeaL0YvWDbad_3tTiyx_b8Y3J8d3CgNe2Wg2r5S-utGd-UXFTRF_2564GUNNel9B-cHsPmKL_cg&sig=Cg0ArKJSzMXvuUR4k8HCEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8B6AB3A11C6CBF50C7E52CE8A06F232F
Requests: 2 HTTP requests in this frame

Frame: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D87A67D31E6E72D39529986DC0CDB468
Requests: 10 HTTP requests in this frame

Frame: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 670CF5B9F89E830079AF46FC9D072696
Requests: 14 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPY5PAAMoLEK3rkaAApXNTZr6kpTvR2achMang&u=%7CCc%2FXZ6mmwoZPoGsEIMYXXbcU891GdnVpNOc%2FQZuFxLQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku44-A6-e-u9t-FhGlWRwZcn8ljnS57jnxEfTZN_ET87Pgj_O6hKIxlsPELOFJCxEuJfSaFHzKK8_8RL_WQHStj1tE2azHbA6GWiyXxrBh2vyEjFJ59Crjm04OmO0o10XdcwdIP8MAkYbVJYSSGhoRbamHIWYXWcOZb7-5vhfot7ybMIijtOwGG-0JefIYFDj3Ufu5duzoNBVsCpIYOaRbrd6hiI5ppJs8HBG22BqPo0vP3sYYMyipTeg3wASRruEqXz6AnzWAxgWNGjGcrTfsG0t5JoFNQXQ3PdEz0_8tqMttnFIrjN4DXa0BeFDcjiPeWF5dpNLyVQ7a35XwMBrm7yTsG58WGmIzh9CsdmXdjHKSvaKuOSQrGNiEaDhAitnTAFIF1b7MQ37owjpKJVOfwiLn0DrFvNLVjX_kyINOg1IQl-mu3tsYG4QphoL3jfZeYJYB6yWLSBx0h_Vn2vPwHXC4ffzSDK5fcdaxNbFZTKbtKGM-JKAvOu-6lYF8c5x-IHYch1fuzYVbggdU09uyT09zLSG6z8Ak1gxvPmCrNM1MwazRLGIG8cYdFPK8Av11SUafWwodAftGKZmJVtI8yvk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJzD_PDn2ZLHBMpry-ga1rqnADcme0rFc1Z2R93DAjbcBEAEgAGCtAoIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLM01qRMR6yPuACAKgDAcgDAqoEjQJP0PQg7zUtCrv0hmzAw4WdQxSPVEkkbjr5O3-Hveu4lyADvm6dwPN5Yk5nPnsgVhjqUAvGVkgqCnAqAHN6dBhm8AzuxHZAm6-O-0f97kqs6CfBfavY5Wgq54pCNiMb6A0VDdSk9y_Uk9CH2qQ1zHaEs-o3sjUr5mvjSPK9lweZzuKQnVav603LPf3R2rgOUEDCZ7bdJDy4kWIyuCQKCpzCAVWM11p7_4hLZoS61HNk7yNLV6uOEJofWM_tUfL2GHwsHah_nIiJ6bwJqCAh7OMEi5l3znjo5U-5VHgXBjjSObCQKDxz4NxtVKgG5AAnQgEZfr7hCtnPFXL2FjPPaZkr4G6P2B9kJbDBi0ooBuAEAYAG9M-Z3Lmg5OezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1EsmUc3C9DNOCBWURiO0g2tMyN2Q%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: CDF71B19EBA2DF2FDF7D15A5A85842CA
Requests: 40 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B367B96B73858495D481CB9E3330A26F
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/index.html
Frame ID: 2970DEA124B7D1A331D2A1D911A12E9F
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4ACCA986365626A7D5C8D222FBB8EF05
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Frame ID: 796801198D62BDA66AEB8AE551621563
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

download instagram stories highlights, photos and videos online - imgsed.com

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

155
Requests

90 %
HTTPS

58 %
IPv6

27
Domains

39
Subdomains

32
IPs

7
Countries

1057 kB
Transfer

2709 kB
Size

23
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://sulvo.com/?utm_source=https://imgsed.com/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://gum.criteo.com/sid/json?origin=publishertagids&domain=imgsed.com&sn=ChromeSyncframe&so=0&topUrl=imgsed.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=bkjNjHxsV1VDb3BmNlNJZFFkVDMwUXYyM1RoN0JtanB6M3Q3Q293TGxtZTVmOVRGL0hWaG44RHBvcDdiaUo3eGZ2Zm91bEt1cFBjSVhmVmNhVlVoNWNvOWJPd3JWT0pBTXJGOVU4V3pjVG5jQ0IyVUtueHFPTld1Zk15YzlGZXU1T1VzZGpiNEw4Qk04czZQcVErbUlzK3dmQ3RRUyt6S3RKRmJWTi9zVjAxR0tUSE5TMUJJcXpHRThoMXVjS3R3bjAySHdJMm9sRWlKTVduMXVvR1BMeU1vTzBURHNmTUNrMUFacmRzNjJIWGEvcWo1eTQ4SmN4VDNtYnVZNGk2SGhqRmlPc2crcnRCbFM3TzNwcStkNCs2VjJlZz09fA&cppv=2

Request Chain 83

https://um.simpli.fi/gp_match?google_gid=CAESEGmZFiGNFAncuVnm1JMb6jw&google_cver=1&google_push=AXcoOmR_kNrpwJNprd4WxJvAntI8M1PyA3K8fGmYjqrGxXpHVLr7sEVPDL3Ye8NVImdzGhhFjM-dgXYrmMGOJaCshSGRZhROsTg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1F4E52B9199A414DBA6A58BBA45EC580&google_push=AXcoOmR_kNrpwJNprd4WxJvAntI8M1PyA3K8fGmYjqrGxXpHVLr7sEVPDL3Ye8NVImdzGhhFjM-dgXYrmMGOJaCshSGRZhROsTg

Request Chain 85

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBNNWeTxJEEGyKK9qA3w7TE&google_cver=1&google_push=AXcoOmTayvFxOSsv0bP84puNcBj8wkiB6q7jMpBC-13blsQF6O8vtcQ930N-mpDMSAb3fq51smqhsO_gZbjSHiu5Q3RUJDr8LIyu HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBNNWeTxJEEGyKK9qA3w7TE&google_cver=1&google_push=AXcoOmTayvFxOSsv0bP84puNcBj8wkiB6q7jMpBC-13blsQF6O8vtcQ930N-mpDMSAb3fq51smqhsO_gZbjSHiu5Q3RUJDr8LIyu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg2NDcwMjg1ODI5NTYxMjg1MQ&google_push=AXcoOmTayvFxOSsv0bP84puNcBj8wkiB6q7jMpBC-13blsQF6O8vtcQ930N-mpDMSAb3fq51smqhsO_gZbjSHiu5Q3RUJDr8LIyu

Request Chain 86

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPou3WHhPyGZhKUn7F8GwGc&google_cver=1&google_push=AXcoOmSOtAXUAFlZTBYw0gqPlCe_0wgiDQPdA5V70PfmQjE72wLWwXsYR124noCoQlfs7HompuGxkLjon7_-ziMDw6kxFWJUyQYV HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPou3WHhPyGZhKUn7F8GwGc&google_push=AXcoOmSOtAXUAFlZTBYw0gqPlCe_0wgiDQPdA5V70PfmQjE72wLWwXsYR124noCoQlfs7HompuGxkLjon7_-ziMDw6kxFWJUyQYV&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSOtAXUAFlZTBYw0gqPlCe_0wgiDQPdA5V70PfmQjE72wLWwXsYR124noCoQlfs7HompuGxkLjon7_-ziMDw6kxFWJUyQYV&google_hm=SWZiNnpGN0g3Tkt4cmlhdmh2dzY=

Request Chain 97

https://um.simpli.fi/gp_match?google_gid=CAESEGLJfOMse5eG0u-1_1kkMRU&google_cver=1&google_push=AXcoOmSxBoqFEBbchQi1v-R8RIv-b4zIV8-kvzd7S1-pFWpFU9VsNSvjdiQkiSrLj4yc8Pmm4_ru97eVm9mfZmYB-luZjH9hyA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1F4E52B9199A414DBA6A58BBA45EC580&google_push=AXcoOmSxBoqFEBbchQi1v-R8RIv-b4zIV8-kvzd7S1-pFWpFU9VsNSvjdiQkiSrLj4yc8Pmm4_ru97eVm9mfZmYB-luZjH9hyA

Request Chain 98

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEC4Pn7VDBeU6bAnoJqGsBAc&google_cver=1&google_push=AXcoOmR5QzbF8drrhpZOOvCHQefaMLaldapy0Z7PZt04Q8pcEYNpU4FrJV3TGziqWq_Hod-JC3Qsnd3Ek3AsM0LbRRKBGcPv-g HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEC4Pn7VDBeU6bAnoJqGsBAc&google_push=AXcoOmR5QzbF8drrhpZOOvCHQefaMLaldapy0Z7PZt04Q8pcEYNpU4FrJV3TGziqWq_Hod-JC3Qsnd3Ek3AsM0LbRRKBGcPv-g&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR5QzbF8drrhpZOOvCHQefaMLaldapy0Z7PZt04Q8pcEYNpU4FrJV3TGziqWq_Hod-JC3Qsnd3Ek3AsM0LbRRKBGcPv-g&google_hm=MC1aazlvYUktQTRDN1NZQjdMdno=

Request Chain 99

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKCl9e6MYAb-cN0tEQuG4j0&google_cver=1&google_push=AXcoOmRQ0qRy2EyhnbFBhw0gY8JxeZaBUo4IioS5WflTy27pdH-YmPcShkHVa_6mWsFBhah-y1rN7rPAQ3HxoKRZeL1p-QR69WI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=bP3ephG9W-dP-6vA76DEYlFfBSo&google_push=AXcoOmRQ0qRy2EyhnbFBhw0gY8JxeZaBUo4IioS5WflTy27pdH-YmPcShkHVa_6mWsFBhah-y1rN7rPAQ3HxoKRZeL1p-QR69WI

Request Chain 100

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENoKtU-QoMy25BXL5DvEoKk&google_cver=1&google_push=AXcoOmSFLcpZdb7JmT8IvBkuxec5Ily1hY3WRCdJpisjG88bFVlDmIYsyWaJJgrH9JWfLe76GjkcF9SZURPN88QAOeQrF1njL9k HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENoKtU-QoMy25BXL5DvEoKk&google_cver=1&google_push=AXcoOmSFLcpZdb7JmT8IvBkuxec5Ily1hY3WRCdJpisjG88bFVlDmIYsyWaJJgrH9JWfLe76GjkcF9SZURPN88QAOeQrF1njL9k&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSFLcpZdb7JmT8IvBkuxec5Ily1hY3WRCdJpisjG88bFVlDmIYsyWaJJgrH9JWfLe76GjkcF9SZURPN88QAOeQrF1njL9k&google_hm=HRD4qGZHUa944QYPRu-ioRY4

Request Chain 104

https://securepubads.g.doubleclick.net/pagead/adview?ai=C8hkNPTn2ZLCkDMLwgAe2g5yICdXO3aJyudLQ47ARqsTT_IQxEAEglZvKIWCtAqAByYS5uQPIAQmpAl1KwPWwF7I-4AIAqAMByANIqgTtAU_QWD1zcpAXX18BffL1HbQbv2hj9PLHVh-KLSgiguxwv4PvC0EAtLs991MLjnTrmlhMVikwIxq6CiPG3_qPmdfaTYr1_B7UdXzpH_zvFMcLSe_PQawFA0ySIYJpT-XtpsYX_EqwllPadq1_VkpxpBrCBpvFs7fkuUM7kLGtgFR7hxr6he86QQVDOP8Sy4SyzxxhYVA_ch5P-iAQzv_zKGxmpH-LZTeJ5zDIaIJhPlZg3tDDksmHd-RpHwAvkptI1E2xNnlZCISicey-WJ7vemwTLLgRa_GncLAVO-b2fYBCAJXoDzGikfVsh7TQhMAE4qia1vYD4AQBiAWGlILPPpIFBAgEGAGSBQQIBRgEoAYugAef-8ZGqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQ9kbSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgk3aHR0cHM6Ly9wc29yaWFzaXMubXlkZXJtYS5pbmZvL2dub3Jpc2UtdGluLXBzb3JpYXNpLXNvdYAKA8gLAdgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=TK11cvAUBZI&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWHV4IK0klhpm3t7LGioIK7JfogL-mX_EgxdW7rWj17FShjV7hRA5L_iF2gWNIK5PE4MiqpYmXZxgB&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211738700704099641249%22,%22debug_reporting%22:true,%22destination%22:%22https://myderma.info%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22925778505%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216283150731332330017%22}&andc=true

155 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
imgsed.com/ 2 KB
1 KB 47ms
15ms Document
text/html 2606:4700:20::681a:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6001ebdedf778704db83ddc2288a754578cf020e71618c15627955ded42ae4cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8315
cache-control: public, max-age=10800, immutable
cf-cache-status: HIT
cf-ray: 8018dd55f8fc3801-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 04 Sep 2023 20:08:27 GMT
last-modified: Mon, 04 Sep 2023 16:05:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8QEvs%2BrDSIm%2BrjVYp%2B3sJ%2BrjeeCJzHahLocbfvYdAZb65EX0rfbS2OLrkBGR3fNRV2Xul23OdO9%2FvLBInjJx9t0ALX1FKR67js1d9swPjCJEw%2F%2F%2Fkavy%2FYRpFRGeVd6qQoHtYeNMb0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache-status: MISS

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 286ms
258ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5897c881edcb864a0de7c4b79772d0c460568ccd74c3f720283fa6060a04c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H913VYFTJTMGRG2WG00C550S
date: Mon, 04 Sep 2023 20:08:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 906
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"d94ff32e24df6d9db0f0b53fa8cf2c7a-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 8018dd564ed86904-FRA
link: <https://live.demand.supply/impl.v17.14.2.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/aW1nc2VkLmNvbS8=>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 art.css
s1.imgsed.com/css/ 36 KB
7 KB 38ms
19ms Stylesheet
text/css 2606:4700:20::681a:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.imgsed.com/css/art.css?v65
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcee99a98a72212441b7740bd71c6585a33232466f36c9ff5f54431895e72143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Sep 2023 07:41:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 131197
etag: W/"64f438b2-9081"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gy0iQSce3w8bVLbbBE3Pf38cahRIX%2BS%2Fj%2FfLMWrIwoauSgyNFKuPfxk8c6eQUcnNkwDebmtRnhWfFTdrtX%2BrQCyYaJhSr6N5IHlF4AHAARt0ohROrsNggpVl7vrW7oe%2BGlY%2B%2F1EkvtCbhj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 8018dd56396f3801-FRA
expires: Tue, 03 Oct 2023 07:41:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
89 KB 44ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8096af6b3e98ec4d35d492edaa88910bc1f197e6d7d14a3a9617a98e4272349e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Sep 2023 20:08:27 GMT

GET
H2 200 art.js Show response
s1.imgsed.com/js/ 7 KB
3 KB 36ms
18ms Script
application/javascript 2606:4700:20::681a:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.imgsed.com/js/art.js?v65
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8418b3b3401e9ba6f3a17a15fd7f27d3633cda58ba129231631c07720435499

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Sep 2023 04:13:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 131196
etag: W/"64f407fe-1d4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sggpVBHcxZOx1dAVmF3Ggxer9yd%2B0mIykHgcXC8mJ0PoDFk9wNLkUDS3RXCCtEN%2FlBE71pzmec%2FZojl00LcmEtnVVE7LUJuNhi5uagDuz4VQOPPlGJfOcYgy60jgOEFRnIx%2FkWN%2BmRojWOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8018dd5639703801-FRA
expires: Tue, 03 Oct 2023 07:41:42 GMT

GET
H2 200 search1.png
s1.imgsed.com/img/ 332 B
782 B 20ms
19ms Image
image/webp 2606:4700:20::681a:b84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.imgsed.com/img/search1.png
Requested by: Host: s1.imgsed.com
URL: https://s1.imgsed.com/css/art.css?v65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22c15261262c5e2f2a66b8f7569c0dd504f21a19e0c7c98a5144c2278c72c666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/css/art.css?v65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 855542
cf-polished: origFmt=png, origSize=828
content-disposition: inline; filename="search1.webp"
content-length: 332
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Dec 2022 12:10:31 GMT
server: cloudflare
etag: "63ac3237-33c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gL%2B6z%2BzdTnnuISo%2BbrDOw%2FAve6IL92ai9zpJo0znSPL1EymXXOHWLbu1%2B1rlu%2FmCg%2F52nWQNCP65sNMspkmdjL%2FG%2Bt5gLeOBjjlq3CDUsUoI1Plew2HxRq%2B3piAs%2FHOkl6JUHeH8fhg518w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8018dd5679b03801-FRA
expires: Fri, 15 Sep 2023 18:11:46 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 42ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GC2VPDBYKB&gtm=45je38u0&_p=2000003253&cid=258808240.1693858108&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693858107&sct=1&seg=0&dl=https%3A%2F%2Fimgsed.com%2F&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20imgsed.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.v17.14.2.js Show response
live.demand.supply/ 82 KB
27 KB 101ms
100ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.14.2.js
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b48c08cd364d87f2d9815b2f2f14c95f6c0aac55f1d686a12d35da1911a5b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H913VKQN69AD5D7PM815AE4H
date: Mon, 04 Sep 2023 20:08:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 529646
cf-polished: origSize=84250
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"3ce466eb95e0d30ae9ee8f6ff9db4cdf-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 8018dd57e8ea6904-FRA

GET
H2 200 aW1nc2VkLmNvbS8= Show response
live.demand.supply/p4/v17-10-0/ 2 KB
885 B 144ms
144ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/aW1nc2VkLmNvbS8=
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0907ee0a03065a9961ed6537e9277551f907d6a2b93c4f806af88aeefa5e6445

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 8018dd57e8eb6904-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 42ms
29ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=287&cs=c&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7436Z6XZE0HQGQ9Y9WNB8RB
date: Mon, 04 Sep 2023 20:08:28 GMT
cf-cache-status: HIT
age: 2442053
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "adfd09bf67be9c4a2eeecd7c78246885-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8018dd57f8e29012-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 143ms
95ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2243ce0f44701e48d3bfbe2df4342a33db4f0ff39444089c1c3d0b9637ac68d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29192
x-xss-protection: 0
server: cafe
etag: 293 / 19604 / m202308290101 / config-hash: 15830000896466728742
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 20:08:28 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
620 B 32ms
19ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H743D4DTH4YVWEZ14WD5Q382
date: Mon, 04 Sep 2023 20:08:28 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2441810
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 8018dd57f8e19012-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 imgsed.com_fluid_sq_index Show response
live.demand.supply/cp/ 30 B
375 B 225ms
224ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/imgsed.com_fluid_sq_index?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e56ab353297f5780781dd4c5efb8264093c43ca4ab719e21f13c9bf48f47300d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 8018dd5899869012-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 imgsed.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
373 B 323ms
323ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/imgsed.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af1aa0a689b2345b750b54b4505d7a154b3b5cb46d4577d88a4c96d10e36c502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 8018dd58d9d49012-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ 403 KB
127 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 14:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129682
x-xss-protection: 0
server: cafe
etag: 12917394590533080382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 03 Sep 2024 14:01:48 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
483 B 14ms
14ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7436Z6XZE0HQGQ9Y9WNB8RB
date: Mon, 04 Sep 2023 20:08:28 GMT
cf-cache-status: HIT
age: 2442053
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "adfd09bf67be9c4a2eeecd7c78246885-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8018dd593a779012-FRA

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 58ms
7ms Script
text/javascript 2600:9000:2250:e400:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e400:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: null
Date: Mon, 04 Sep 2023 05:08:19 GMT
Via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 54010
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: vfrrQsFdLaW7CgKwcRGcjuuVppSdi3g_SUgrGoggE_ZQAD_Yvg5TyA==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 87ms
40ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 02 Jan 1970 00:00:00 GMT
server: nginx
etag: W/"15180-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Sep 2023 20:08:28 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 73ms
16ms Script
text/javascript 108.139.243.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-81.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 15:55:11 GMT
content-encoding: gzip
via: 1.1 8a18f55d51efc3ad7cf529879a3478f4.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2023 15:52:21 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P3
age: 15198
x-amz-server-side-encryption: AES256
etag: W/"abaee4c7a9cdd5e5098ecb24384e9e09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: cBuujZXkfzzJiQdMSVMeL-dvpk8AxpIRbMwU0X3TIyRzNDXjghu20w==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 119 KB
26 KB 55ms
19ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 10:48:56 GMT
server: cloudflare
x-amz-request-id: WHJWEXTY2JDTWEHF
age: 523
etag: W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8018dd5998e89a2a-FRA
x-amz-id-2: QkmbjKdbZiX9w2b15vxYkzQcv4sC/WZEhMn9+ut/0lINEjbSTYnO96DOVZiZnegdYLFMphUpy2A=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 60ms
20ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41298
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMT5eOpFt%2F5dh6pzQSrXntMB7qLg6zwdW%2FG2JbeBxkYeFHjTNXkro6%2Fq5orbap0rz1uloCpc7CmKDFp5W8Xf9RmmcUorpKO4qWUyRUGlA00fqI8Lj3UGGBzhrw4wlLcJ3KQfYymgcBkQ43ztbX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8018dd599da2bbaa-FRA

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 49ms
24ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 7a5e5d7679d4c26f7f95619e037f4562
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
714 B 161ms
160ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3010263269778037&correlator=406318388655520&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C5b1fcc9a-8fd7-4f9e-af23-7e840d87b75d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693858108368&lmt=1693836359&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=258808240.1693858108&ga_sid=1693858108&ga_hid=2000003253&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYzqe-jqYxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjOp76OpjFIAFICCGQSGQoKcHViY2lkLm9yZxjOp76OpjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yzqe-jqYxSABSAghkEhcKCHJ0YmhvdXNlGM6nvo6mMUgAUgIIZBIZCgp1aWRhcGkuY29tGM2nvo6mMUgAUgIIZA..&dlt=1693858107855&idt=490&prev_scp=ti%3Db2b6adfa-0874-4d00-b52d-562e15658b7b%26interstitials-bid%3D4%26bid-p%3Dgoogle%26bsc%3D72&adks=3557535414&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ba34cee08af4656fe17a46da5bc47599bde585f124930523cc10fe6f0974b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 683
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4540 6 KB
3 KB 66ms
15ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 20:08:28 GMT
expires: Tue, 03 Sep 2024 20:08:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ 38 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7f7b4d4ef31836eb7a95af9e7c212ee1ad1ee0cd20f75d298ee708fb7eb0a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 14:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13569
x-xss-protection: 0
server: cafe
etag: 6174382377942399123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 03 Sep 2024 14:01:48 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
319 B 36ms
10ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://imgsed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://imgsed.com
date: Mon, 04 Sep 2023 20:08:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
330 B 106ms
30ms XHR
application/json 34.251.225.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.225.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-225-99.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: e5b44ada2a78ae7e065d0653a2d6f85d71f803564e34a3bbd1ba915d4c6e5cca

Request headers

Referer: https://imgsed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://imgsed.com
cache-control: no-cache
x-server: 10.45.8.183
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 39CA 15 KB
6 KB 46ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=imgsed.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 20:08:27 GMT
server: Kestrel
server-processing-duration-in-ticks: 231805
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 102ms
102ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_fluid_sq_index&pdc=0.26922481060028075&ucv=null&e=tcp&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7436Z6XZE0HQGQ9Y9WNB8RB
date: Mon, 04 Sep 2023 20:08:28 GMT
cf-cache-status: HIT
age: 2442053
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "adfd09bf67be9c4a2eeecd7c78246885-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8018dd5a0b629012-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 274ms
273ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3010263269778037&correlator=3864810770199911&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C9e1762e5-f19c-4938-8d9d-60bcfa7404f5&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=500x280%7C480x320&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693858108488&lmt=1693836359&adxs=550&adys=298&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&vis=1&psz=500x296&msz=500x296&fws=0&ohw=0&ga_vid=258808240.1693858108&ga_sid=1693858108&ga_hid=2000003253&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYzqe-jqYxSABSAghkEhkKCnB1YmNpZC5vcmcYnqi-jqYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGM6nvo6mMUgAUgIIZBIXCghydGJob3VzZRiLqL6OpjFIAFICCGoSGQoKdWlkYXBpLmNvbRjNp76OpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMOovo6mMUgAUgIIag..&dlt=1693858107855&idt=490&prev_scp=ti%3Db2b6adfa-0874-4d00-b52d-562e15658b7b%26chrand%3Dy%26pof%3D0%26bid%3D0.18%26bid-p%3Dgoogle%26bsc%3D72&adks=3650863032&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bed1a59ce85539fa25e28cde62f734b814d9a0e37c71466ba601d9a5737edf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12303
x-xss-protection: 0
google-lineitem-id: 5564063177
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 39CA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=imgsed.com&sn=ChromeSyncframe&so=0&topUrl=imgsed.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=bkjNjHxsV1VDb3BmNlNJZFFkVDMwUXYyM1RoN0JtanB6M3Q3Q293TGxtZTVmOVRGL0hWaG44RHBvcDdiaUo3eGZ2Zm91bEt1cFBjSVhmVmNhVlVoNWNvOWJPd3JWT0pBTXJGOVU4V3pjVG5jQ0IyVUtueHFPTld1Zk15Yz...

433 B
658 B

74ms
25ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=bkjNjHxsV1VDb3BmNlNJZFFkVDMwUXYyM1RoN0JtanB6M3Q3Q293TGxtZTVmOVRGL0hWaG44RHBvcDdiaUo3eGZ2Zm91bEt1cFBjSVhmVmNhVlVoNWNvOWJPd3JWT0pBTXJGOVU4V3pjVG5jQ0IyVUtueHFPTld1Zk15YzlGZXU1T1VzZGpiNEw4Qk04czZQcVErbUlzK3dmQ3RRUyt6S3RKRmJWTi9zVjAxR0tUSE5TMUJJcXpHRThoMXVjS3R3bjAySHdJMm9sRWlKTVduMXVvR1BMeU1vTzBURHNmTUNrMUFacmRzNjJIWGEvcWo1eTQ4SmN4VDNtYnVZNGk2SGhqRmlPc2crcnRCbFM3TzNwcStkNCs2VjJlZz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

22ad987b07747c5c3d4f22e8180c4fffac7c6e323cf9661042f2a690cc0d0271

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2055401
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=bkjNjHxsV1VDb3BmNlNJZFFkVDMwUXYyM1RoN0JtanB6M3Q3Q293TGxtZTVmOVRGL0hWaG44RHBvcDdiaUo3eGZ2Zm91bEt1cFBjSVhmVmNhVlVoNWNvOWJPd3JWT0pBTXJGOVU4V3pjVG5jQ0IyVUtueHFPTld1Zk15YzlGZXU1T1VzZGpiNEw4Qk04czZQcVErbUlzK3dmQ3RRUyt6S3RKRmJWTi9zVjAxR0tUSE5TMUJJcXpHRThoMXVjS3R3bjAySHdJMm9sRWlKTVduMXVvR1BMeU1vTzBURHNmTUNrMUFacmRzNjJIWGEvcWo1eTQ4SmN4VDNtYnVZNGk2SGhqRmlPc2crcnRCbFM3TzNwcStkNCs2VjJlZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 274687
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 81ms
57ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40ea665935aa6bd853b7c8b7297bed3409aa15f24c3d2bbb45798a6a5866cf41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11753
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 22ms
22ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&e=nai&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7436Z6XZE0HQGQ9Y9WNB8RB
date: Mon, 04 Sep 2023 20:08:28 GMT
cf-cache-status: HIT
age: 2442053
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "adfd09bf67be9c4a2eeecd7c78246885-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8018dd5a6bcf9012-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 99ms
99ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7436Z6XZE0HQGQ9Y9WNB8RB
date: Mon, 04 Sep 2023 20:08:28 GMT
cf-cache-status: HIT
age: 2442053
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "adfd09bf67be9c4a2eeecd7c78246885-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8018dd5a6bd19012-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 972 B
510 B 159ms
159ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3010263269778037&correlator=4266916981681644&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2Ccd5f0bdc-b9a1-47ac-a657-60582e930ab9&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D7856793a66d19084%3AT%3D1693858108%3ART%3D1693858108%3AS%3DALNI_MZ_gmy0mDnqpkdFUxvGorZlEgCpig&gpic=UID%3D00000c6f0c78cce4%3AT%3D1693858108%3ART%3D1693858108%3AS%3DALNI_MZrII71kL7rFNSxNPdetYpCaSm9Ww&abxe=1&dt=1693858108549&lmt=1693836359&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=258808240.1693858108&ga_sid=1693858108&ga_hid=2000003253&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYzqe-jqYxSABSAghkEhkKCnB1YmNpZC5vcmcYnqi-jqYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGM6nvo6mMUgAUgIIZBIXCghydGJob3VzZRiLqL6OpjFIAFICCGoSGQoKdWlkYXBpLmNvbRjNp76OpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMOovo6mMUgAUgIIag..&dlt=1693858107855&idt=490&prev_scp=ti%3Db2b6adfa-0874-4d00-b52d-562e15658b7b%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D72&adks=1021207636&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aded03f1ca44630a34f855e894d6b28d4a1eba327fc35516dc8ef3d171ad90bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 478
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 118ms
118ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_728x90_sticky_display_bottom&pdc=0.21164064407348634&ucv=null&e=tcp&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7436Z6XZE0HQGQ9Y9WNB8RB
date: Mon, 04 Sep 2023 20:08:28 GMT
cf-cache-status: HIT
age: 2442053
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "adfd09bf67be9c4a2eeecd7c78246885-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8018dd5adc5e9012-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 103ms
103ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H6RG2MPY6RXJSSCBB6XQAQ1T
date: Mon, 04 Sep 2023 20:08:28 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2301059
etag: W/"624a705ce1b65875ce70f98cfa74b907-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 8018dd5ade794d82-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
479 B 17ms
16ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=imgsed.com_auto_728x90_sticky_display_bottom&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7436Z8XNFP1Y30FJWM1S31V
date: Mon, 04 Sep 2023 20:08:28 GMT
cf-cache-status: HIT
age: 2442024
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "adfd09bf67be9c4a2eeecd7c78246885-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8018dd5adc649012-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 250ms
249ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3010263269778037&correlator=718105626097527&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2Ce524e9b9-4bd6-40e9-a1fb-c630800cfa19&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D7856793a66d19084%3AT%3D1693858108%3ART%3D1693858108%3AS%3DALNI_MZ_gmy0mDnqpkdFUxvGorZlEgCpig&gpic=UID%3D00000c6f0c78cce4%3AT%3D1693858108%3ART%3D1693858108%3AS%3DALNI_MZrII71kL7rFNSxNPdetYpCaSm9Ww&abxe=1&dt=1693858108622&lmt=1693836359&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=258808240.1693858108&ga_sid=1693858108&ga_hid=2000003253&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYzqe-jqYxSABSAghkEhkKCnB1YmNpZC5vcmcYnqi-jqYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGM6nvo6mMUgAUgIIZBIXCghydGJob3VzZRiLqL6OpjFIAFICCGoSGQoKdWlkYXBpLmNvbRjNp76OpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMOovo6mMUgAUgIIag..&dlt=1693858107855&idt=490&prev_scp=ti%3Db2b6adfa-0874-4d00-b52d-562e15658b7b%26chrand%3Dy%26pof%3D0%26bid%3D0.21%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D72&adks=343572712&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94d66e443009847e50a6145b2e4718d6a5d182858e53806dad913edf1f37b884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12152
x-xss-protection: 0
google-lineitem-id: 5564064146
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 61ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 20:08:28 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 236F 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 19:51:27 GMT
expires: Tue, 03 Sep 2024 19:51:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F45E 829 B
1 KB 40ms
18ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

532bff59171bc0e31738e2854fd5899b3712da2a2ea6263f98379a60dec48e95

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wtwWu7g2BUXxNMgVYDmSIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-wtwWu7g2BUXxNMgVYDmSIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 20:08:28 GMT
expires: Mon, 04 Sep 2023 20:08:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 19ms
19ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&e=nai&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7436Z6XZE0HQGQ9Y9WNB8RB
date: Mon, 04 Sep 2023 20:08:28 GMT
cf-cache-status: HIT
age: 2442053
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "adfd09bf67be9c4a2eeecd7c78246885-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8018dd5b7d179012-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
483 B 23ms
22ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&sn=3&ific=false&e=iar2&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7436Z6XZE0HQGQ9Y9WNB8RB
date: Mon, 04 Sep 2023 20:08:28 GMT
cf-cache-status: HIT
age: 2442053
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "adfd09bf67be9c4a2eeecd7c78246885-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8018dd5b7d1b9012-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 972 B
506 B 218ms
217ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3010263269778037&correlator=2352740915101528&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C7f252bc2-f8d7-4008-a336-7d7ecbed8d2b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D7856793a66d19084%3AT%3D1693858108%3ART%3D1693858108%3AS%3DALNI_MZ_gmy0mDnqpkdFUxvGorZlEgCpig&gpic=UID%3D00000c6f0c78cce4%3AT%3D1693858108%3ART%3D1693858108%3AS%3DALNI_MZrII71kL7rFNSxNPdetYpCaSm9Ww&abxe=1&dt=1693858108721&lmt=1693836359&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=258808240.1693858108&ga_sid=1693858108&ga_hid=2000003253&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYzqe-jqYxSABSAghkEhkKCnB1YmNpZC5vcmcYnqi-jqYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGM6nvo6mMUgAUgIIZBIXCghydGJob3VzZRiLqL6OpjFIAFICCGoSGQoKdWlkYXBpLmNvbRjNp76OpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMOovo6mMUgAUgIIag..&dlt=1693858107855&idt=490&prev_scp=ti%3Db2b6adfa-0874-4d00-b52d-562e15658b7b%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D72&adks=2126474764&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef3d6371d6f0798b861794c10d19a46e13b1a4c23d0d57826c1a0f6fadf4d569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 476
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js Show response
pagead2.googlesyndication.com/bg/ Frame 236F 38 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 15:25:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14879
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Sep 2024 15:25:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F45E 0
0 107ms
107ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308290101&jk=3010263269778037&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET view
securepubads.g.doubleclick.net/pcs/ Frame EDAE 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EDAE 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
15 KB 229ms
228ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3010263269778037&correlator=4307481598736623&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2Cc25b97ad-5898-416a-bd5e-9288e4cddf95&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=500x280%7C480x320&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De2ef7b13cfeebbcc%3AT%3D1693858108%3ART%3D1693858108%3AS%3DALNI_MaSA_f0HJN-6H9TsTsYwU3qXgLULQ&gpic=UID%3D00000c6f0ba8ffd7%3AT%3D1693858108%3ART%3D1693858108%3AS%3DALNI_MbvxStHrXu_JbNEa3kT99xFCgUTIw&abxe=1&dt=1693858108793&lmt=1693836359&adxs=550&adys=298&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&vis=1&psz=500x296&msz=500x296&fws=0&ohw=0&ga_vid=258808240.1693858108&ga_sid=1693858108&ga_hid=2000003253&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYzqe-jqYxSABSAghkEhkKCnB1YmNpZC5vcmcYnqi-jqYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGM6nvo6mMUgAUgIIZBIXCghydGJob3VzZRiLqL6OpjFIAFICCGoSGQoKdWlkYXBpLmNvbRjNp76OpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMOovo6mMUgAUgIIag..&dlt=1693858107855&idt=490&prev_scp=ti%3Db2b6adfa-0874-4d00-b52d-562e15658b7b%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D72&adks=4228963507&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

564cffc8af818941bcf5a848e4c29fe86fa11d82b6ba2f2f2e1dd6775ce5e17a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15649
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 236F 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?e4rTjw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET view
securepubads.g.doubleclick.net/pcs/ Frame 8B6A 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8B6A 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 429 B
206 B 265ms
265ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3010263269778037&correlator=173521257943802&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C840219cb-19cc-4356-9a61-e5772cde584b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De2ef7b13cfeebbcc%3AT%3D1693858108%3ART%3D1693858108%3AS%3DALNI_MaSA_f0HJN-6H9TsTsYwU3qXgLULQ&gpic=UID%3D00000c6f0ba8ffd7%3AT%3D1693858108%3ART%3D1693858108%3AS%3DALNI_MbvxStHrXu_JbNEa3kT99xFCgUTIw&abxe=1&dt=1693858108892&lmt=1693836359&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=258808240.1693858108&ga_sid=1693858108&ga_hid=2000003253&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYzqe-jqYxSABSAghkEhkKCnB1YmNpZC5vcmcYnqi-jqYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGM6nvo6mMUgAUgIIZBIXCghydGJob3VzZRiLqL6OpjFIAFICCGoSGQoKdWlkYXBpLmNvbRjNp76OpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMOovo6mMUgAUgIIag..&dlt=1693858107855&idt=490&prev_scp=ti%3Db2b6adfa-0874-4d00-b52d-562e15658b7b%26chrand%3Dy%26pof%3D0%26bid%3D0.08%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D72&adks=55489845&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3685a3529d6bdee4fac584a8396707799110ceda2c9b01baa4147b2429ce3040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 16ms
16ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&e=nai&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7436Z6XZE0HQGQ9Y9WNB8RB
date: Mon, 04 Sep 2023 20:08:28 GMT
cf-cache-status: HIT
age: 2442053
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "adfd09bf67be9c4a2eeecd7c78246885-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8018dd5ceea19012-FRA

GET
H2 200 container.html Show response
abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D87A 6 KB
3 KB 26ms
25ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 20:08:28 GMT
expires: Tue, 03 Sep 2024 20:08:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
483 B 15ms
15ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_fluid_sq_index&pn=2&sn=3&pc=0.26922481060028075&ds=true&e=wdp&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7436Z6XZE0HQGQ9Y9WNB8RB
date: Mon, 04 Sep 2023 20:08:29 GMT
cf-cache-status: HIT
age: 2442054
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "adfd09bf67be9c4a2eeecd7c78246885-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8018dd5d7f449012-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 90ms
90ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=imgsed.com_fluid_sq_index&sy=5781f20f-03d2-450d-a800-ff58f6f70593&ts=72&cd=2&pud=287&pus=c&pue=339&pid=103&pis=c&pie=442&ppd=145&pps=a&ppe=485&pcl=111&ttc=679&tti=1234&ttif=0&lca=485&lcak=ppe&lct=485&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imgsed.com&mlre=undefined&mlin=0&mlsi=500x280&mlbw=4g&mlcs=NaN&mltp=b2b6adfa-0874-4d00-b52d-562e15658b7b&e=lm&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7436Z6XZE0HQGQ9Y9WNB8RB
date: Mon, 04 Sep 2023 20:08:29 GMT
cf-cache-status: HIT
age: 2442054
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "adfd09bf67be9c4a2eeecd7c78246885-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8018dd5d8f459012-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 103ms
103ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_728x90_sticky_display_bottom&e=nai&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7436Z6XZE0HQGQ9Y9WNB8RB
date: Mon, 04 Sep 2023 20:08:29 GMT
cf-cache-status: HIT
age: 2442054
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "adfd09bf67be9c4a2eeecd7c78246885-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8018dd5e48099012-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 112 KB
39 KB 329ms
328ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3010263269778037&correlator=1190271777769096&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C9c715473-72c6-4bfa-b856-e77f61af6bdc&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De2ef7b13cfeebbcc%3AT%3D1693858108%3ART%3D1693858108%3AS%3DALNI_MaSA_f0HJN-6H9TsTsYwU3qXgLULQ&gpic=UID%3D00000c6f0ba8ffd7%3AT%3D1693858108%3ART%3D1693858108%3AS%3DALNI_MbvxStHrXu_JbNEa3kT99xFCgUTIw&abxe=1&dt=1693858109165&lmt=1693836359&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fimgsed.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=258808240.1693858108&ga_sid=1693858108&ga_hid=2000003253&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYzqe-jqYxSABSAghkEhkKCnB1YmNpZC5vcmcYnqi-jqYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGM6nvo6mMUgAUgIIZBIXCghydGJob3VzZRiLqL6OpjFIAFICCGoSGQoKdWlkYXBpLmNvbRjNp76OpjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMOovo6mMUgAUgIIag..&dlt=1693858107855&idt=490&prev_scp=ti%3Db2b6adfa-0874-4d00-b52d-562e15658b7b%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D72&adks=806473613&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e24a0a66f1559c76d6f08e3729aeffd1f429a98c7c5ca2b94d354e439ae5a88b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40200
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 112ms
111ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308290101&jk=3010263269778037&bg=!NzSlNHvNAAYHwnCgJ8I7ADQBe5WfOJOuydQYHAcO9ElgxW3tynvGYK_O95i44Vt1O-ng1k51ejfY7F0iubDA_lUnTkveAgAAAG5SAAAAC2gBBwoANRIPwDKqgPFZi0udZbCZ80W6BqWGEMQrrHWma3iZRyjAA_C2ILptdlVr6aHR3LCUhMYF2WxHmQKuocsvcyvwUqvw9iq7in1ckKeXAYwv5TuvPDRfrIj1CSRGP99kKW6YA0iW168fZVRQ_MKmhyMtnew58lHzO_GuRnHBrKCZHeQaDJzghBXKRUN4_CrLNb33EqNeJ3lcC2CqQd-Sj5tix1lQthKQ9fXRP9ZyR1yTYTJHF1YPKy7Z-BHSgmZrNPRm9J4Ph34-pg2_V3XCSPkC3jnvPAy0kXkhmgY7e6cipKpwqNsPBn_NI5rFy_h2G7kJG6HwYn790F3b1T1a6cftCjwyNLZ93jb33tlr5ttBRml6JEi4YUc89phOCerhsWr6ve0G97GW_lFGLwjBd35SCJICS7W_LYk0m90DxcRREx2Si8gdy1ZelECyiX9eQfNght2FN3b1IOpOxx3EmAmXsRJD_FqfcTlgYlVqBB7KtgXGxuWLMbDyvrl7Q39WsaVAGM1adR8MVu85EDr-7BnjUc-Mr9pMVrJLNNzm3mwvaB5dCnwJTnmM2DNPTcz0gITeKCsuf2zqTdC7Rs2R7RHkzVBeFTbtz2SjYLCRRL-WPHypX4Iw_sN7aV1ZM46V14WyOG2jNquJqcV17nSa0-7i2I0cYoywpp6j-HsqAObKQe8KWMmNEfiGc7ACby-_D5H8w5vP88WwdLaZ5DyXmMmk9kEszM0PuUWT3sMVmF-Hcfp1fKQIds3lUCgEedjZb4JWXqnRK4ibn4wt_Xu2joGRwAdA3NiH4QJyxnnvSmasSjpAD6Jh3vUe3SeIg3Isb_bKpIiEs3j08AM2DNCk9199Vk2XziopZ37ph9owbhU_UUUzZcQyBcN5zREGP5yyYysFh5t-M8my5iEaroW09i_ocSiy-de44mUzEabGyXjMmDIOarJkyzdp8BYMF6u_MsLF8LQDJmDqa61cM6_ZxIQUB8W8g3QznO4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2 200 container.html Show response
abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 670C 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 20:08:28 GMT
expires: Tue, 03 Sep 2024 20:08:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 125ms
125ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_728x90_sticky_display_bottom&pn=1&sn=3&pc=0.21164064407348634&ds=true&e=wdp&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7436Z6XZE0HQGQ9Y9WNB8RB
date: Mon, 04 Sep 2023 20:08:29 GMT
cf-cache-status: HIT
age: 2442054
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "adfd09bf67be9c4a2eeecd7c78246885-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8018dd620ca79012-FRA

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 14ms
14ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=imgsed.com_auto_728x90_sticky_display_bottom&sy=5781f20f-03d2-450d-a800-ff58f6f70593&ts=72&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imgsed.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=b2b6adfa-0874-4d00-b52d-562e15658b7b&e=lm&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id: 01H7436Z6XZE0HQGQ9Y9WNB8RB
date: Mon, 04 Sep 2023 20:08:29 GMT
cf-cache-status: HIT
age: 2442054
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "adfd09bf67be9c4a2eeecd7c78246885-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 8018dd620ca89012-FRA

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame CDF7 240 KB
64 KB 208ms
111ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPY5PAAMoLEK3rkaAApXNTZr6kpTvR2achMang&u=%7CCc%2FXZ6mmwoZPoGsEIMYXXbcU891GdnVpNOc%2FQZuFxLQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku44-A6-e-u9t-FhGlWRwZcn8ljnS57jnxEfTZN_ET87Pgj_O6hKIxlsPELOFJCxEuJfSaFHzKK8_8RL_WQHStj1tE2azHbA6GWiyXxrBh2vyEjFJ59Crjm04OmO0o10XdcwdIP8MAkYbVJYSSGhoRbamHIWYXWcOZb7-5vhfot7ybMIijtOwGG-0JefIYFDj3Ufu5duzoNBVsCpIYOaRbrd6hiI5ppJs8HBG22BqPo0vP3sYYMyipTeg3wASRruEqXz6AnzWAxgWNGjGcrTfsG0t5JoFNQXQ3PdEz0_8tqMttnFIrjN4DXa0BeFDcjiPeWF5dpNLyVQ7a35XwMBrm7yTsG58WGmIzh9CsdmXdjHKSvaKuOSQrGNiEaDhAitnTAFIF1b7MQ37owjpKJVOfwiLn0DrFvNLVjX_kyINOg1IQl-mu3tsYG4QphoL3jfZeYJYB6yWLSBx0h_Vn2vPwHXC4ffzSDK5fcdaxNbFZTKbtKGM-JKAvOu-6lYF8c5x-IHYch1fuzYVbggdU09uyT09zLSG6z8Ak1gxvPmCrNM1MwazRLGIG8cYdFPK8Av11SUafWwodAftGKZmJVtI8yvk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJzD_PDn2ZLHBMpry-ga1rqnADcme0rFc1Z2R93DAjbcBEAEgAGCtAoIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLM01qRMR6yPuACAKgDAcgDAqoEjQJP0PQg7zUtCrv0hmzAw4WdQxSPVEkkbjr5O3-Hveu4lyADvm6dwPN5Yk5nPnsgVhjqUAvGVkgqCnAqAHN6dBhm8AzuxHZAm6-O-0f97kqs6CfBfavY5Wgq54pCNiMb6A0VDdSk9y_Uk9CH2qQ1zHaEs-o3sjUr5mvjSPK9lweZzuKQnVav603LPf3R2rgOUEDCZ7bdJDy4kWIyuCQKCpzCAVWM11p7_4hLZoS61HNk7yNLV6uOEJofWM_tUfL2GHwsHah_nIiJ6bwJqCAh7OMEi5l3znjo5U-5VHgXBjjSObCQKDxz4NxtVKgG5AAnQgEZfr7hCtnPFXL2FjPPaZkr4G6P2B9kJbDBi0ooBuAEAYAG9M-Z3Lmg5OezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1EsmUc3C9DNOCBWURiO0g2tMyN2Q%26client%3Dca-pub-3831894559014614%26adurl%3D

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

273e1e8e6099b96ffefbcfd6da0b7e06b3854c5044943159cfa5324800056fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 20:08:29 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=iDX_coU6GqYy931geBWbyBYykIEMTrwnAm7jiC4K7HX5pacg-UImE3lvP7xIqEeoyRN41O0LuPW3PB1slIeQWMq2zL4LCmichgeox_YQpQy1-00v7-YuqxFrVd1dNxXX7h8P6EyIUjUrRXI5uc4vfj294XrZGn49418Vepo73RF1xpApH8Or-R8KRJapM3wzLH4w265YcMM642PyPkFmBOorRQawADD_5s8gqxuXR7zQy5sgaTNFDpSh_8bMElMXe4KGRg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 79106479
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame D87A 3 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 19:48:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 19:48:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B367 1 KB
646 B 13ms
12ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 08:56:47 GMT
etag: 48472445140208031
expires: Tue, 05 Sep 2023 08:56:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame D87A 20 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 13:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 13:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D87A 0
0 18ms
16ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcikbDbBPDr424YwUSC2RY1mYs1kz_EY5fly8yTVrz7c7ZhieZoI-k0KlOICiNkUOxyzszBAZubK1NbdtZZEXcbkDIPA
Requested by: Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D87A 24 KB
6 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 07:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 02 Sep 2024 07:32:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D87A 181 KB
57 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 20:08:29 GMT

GET
H2 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame 670C 9 KB
4 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 14:39:46 GMT

GET
H2 200 381252f560566a1d63ec1f75631f3e14.js Show response
www.gstatic.com/mysidia/ Frame 670C 36 KB
14 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/381252f560566a1d63ec1f75631f3e14.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f4300c748c5c4fd8afc45978d3839203a189cb7d8bd7af90cd21e7641f7ce3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14679
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 22:07:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 00:27:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 670C 2 KB
892 B 9ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 13:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 13:54:19 GMT

GET
H2 200 296e8486ae47669a34402216c17dea54.js Show response
www.gstatic.com/mysidia/ Frame 670C 22 KB
9 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/296e8486ae47669a34402216c17dea54.js?tag=exit_2019

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eb7a2ba33082e2e7e8f36a4a7e2a04d39393b368d926be480c93f8e44e82767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 02:20:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9360
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 22:07:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 02:20:40 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame 670C 23 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 13:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 13:54:19 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 670C 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 19:48:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 19:48:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 670C 20 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 13:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 13:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 670C 0
0 17ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpMiYhd8jhPjYTpTnv34CMO0rBMebpF2rJoC87_NcE2h-M12eiUwgbb21zuPxthLjCUpby6T3ynZPgVjr89cPUNLGyxw
Requested by: Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 670C 181 KB
57 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 20:08:29 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 670C 36 KB
15 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
DATA 200
OK truncated
/ Frame D87A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18f0718cfd5b7263053a63c3ab923cdbfd9fad28698c09b73966cf0591350803

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B367
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGmZFiGNFAncuVnm1JMb6jw&google_cver=1&google_push=AXcoOmR_kNrpwJNprd4WxJvAntI8M1PyA3K8fGmYjqrGxXpHVLr7sEVPDL3Ye8NVImdzGhhFjM-dgXYrmMGOJaCshSGRZhROsTg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1F4E52B9199A414DBA6A58BBA45EC580&google_push=AXcoOmR_kNrpwJNprd4WxJvAntI8M1PyA3K8fGmYjqrGxXpHVLr7sEVPDL3Ye8NVImdzGhhFjM-dgXYrmMGOJaC...

170 B
329 B

22ms
21ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1F4E52B9199A414DBA6A58BBA45EC580&google_push=AXcoOmR_kNrpwJNprd4WxJvAntI8M1PyA3K8fGmYjqrGxXpHVLr7sEVPDL3Ye8NVImdzGhhFjM-dgXYrmMGOJaCshSGRZhROsTg

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1F4E52B9199A414DBA6A58BBA45EC580&google_push=AXcoOmR_kNrpwJNprd4WxJvAntI8M1PyA3K8fGmYjqrGxXpHVLr7sEVPDL3Ye8NVImdzGhhFjM-dgXYrmMGOJaCshSGRZhROsTg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 20:08:29 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame B367 43 B
146 B 97ms
10ms Image
image/gif 35.156.208.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIkwubu5jrj0eeeYuYlXuAI&google_cver=1&google_push=AXcoOmShYFTqHDvHhPqrUZnZloffOujO-RNcl8DnnVLjUsjxPyxrCNmyR4cHEerjO2BvzSFghej11FpQ-QnqQ4FcYHAhjPXmAm1X
Requested by: Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.208.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-208-169.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B367
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBNNWeTxJEEGyKK9qA3w7TE&google_cver=1&google_push=AXcoOmTayvFxOSsv0bP84puNcBj8wkiB6q7jMpBC-13blsQF6O8vtcQ930N-mpDMSAb3fq51smqhsO_g...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBNNWeTxJEEGyKK9qA3w7TE&google_cver=1&google_push=AXcoOmTayvFxOSsv0bP84puNcBj8wkiB6q7jMpBC-13blsQF6O8vtcQ930N-mpDMSAb3fq51smq...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg2NDcwMjg1ODI5NTYxMjg1MQ&google_push=AXcoOmTayvFxOSsv0bP84puNcBj8wkiB6q7jMpBC-13blsQF6O8vtcQ930N-mpDMSAb3fq51smqhsO...

170 B
188 B

21ms
20ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg2NDcwMjg1ODI5NTYxMjg1MQ&google_push=AXcoOmTayvFxOSsv0bP84puNcBj8wkiB6q7jMpBC-13blsQF6O8vtcQ930N-mpDMSAb3fq51smqhsO_gZbjSHiu5Q3RUJDr8LIyu

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg2NDcwMjg1ODI5NTYxMjg1MQ&google_push=AXcoOmTayvFxOSsv0bP84puNcBj8wkiB6q7jMpBC-13blsQF6O8vtcQ930N-mpDMSAb3fq51smqhsO_gZbjSHiu5Q3RUJDr8LIyu
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B367
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPou3WHhPyGZhKUn7F8GwGc&google_cver=1&google_push=AXcoOmSOtAXUAFlZTBYw0gqPlCe_0wgiDQPdA5V70PfmQjE72wLWwXsYR124noCoQlfs7HompuGxkLjon7_-z...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPou3WHhPyGZhKUn7F8GwGc&google_push=AXcoOmSOtAXUAFlZTBYw0gqPlCe_0wgiDQPdA5V70PfmQjE72wLWwXsYR124noCoQlfs7HompuGxkLjon7_-z...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSOtAXUAFlZTBYw0gqPlCe_0wgiDQPdA5V70PfmQjE72wLWwXsYR124noCoQlfs7HompuGxkLjon7_-ziMDw6kxFWJUyQYV&google_hm=SWZiNnpGN0g3Tkt4cmlh...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSOtAXUAFlZTBYw0gqPlCe_0wgiDQPdA5V70PfmQjE72wLWwXsYR124noCoQlfs7HompuGxkLjon7_-ziMDw6kxFWJUyQYV&google_hm=SWZiNnpGN0g3Tkt4cmlhdmh2dzY=

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 20:08:30 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSOtAXUAFlZTBYw0gqPlCe_0wgiDQPdA5V70PfmQjE72wLWwXsYR124noCoQlfs7HompuGxkLjon7_-ziMDw6kxFWJUyQYV&google_hm=SWZiNnpGN0g3Tkt4cmlhdmh2dzY=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 236
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET google
sync-dmp.aura-dsp.com/match/ Frame B367 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B367 0
130 B 88ms
21ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFOioezlR_p6IVXq--rFz4jmzZdAYTSYCRxMLB24TLJ4-F3tOPjQm9TGjP

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/ Frame 2970 71 KB
19 KB 8ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/381252f560566a1d63ec1f75631f3e14.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb6e82c778ef6dfc00a03d7fd8eae8588c7f839163e487cf2c00428319ca8114

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 513457
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19408
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 21:30:52 GMT
expires: Wed, 28 Aug 2024 21:30:52 GMT
last-modified: Mon, 03 Apr 2023 10:20:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D87A 0
0 50ms
50ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTOiQPDn2ZLHBMpry-ga1rqnADcme0rFc1Z2R93DAjbcBEAEgAGCtAoIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLM01qRMR6yPuACAKgDAcgDAqoEigJP0PQg7zUtCrv0hmzAw4WdQxSPVEkkbjr5O3-Hveu4lyADvm6dwPN5Yk5nPnsgVhjqUAvGVkgqCnAqAHN6dBhm8AzuxHZAm6-O-0f97kqs6CfBfavY5Wgq54pCNiMb6A0VDdSk9y_Uk9CH2qQ1zHaEs-o3sjUr5mvjSPK9lweZzuKQnVav603LPf3R2rgOUEDCZ7bdJDy4kWIyuCQKCpzCAVWM11p7_4hLZoS61HNk7yNLV6uOEJofWM_tUfL2GHwsHah_nIiJ6bwJqCAh7OMEi5l3znjo5U-5VHgXBjjSObCQKDwx4v3_0yea97-7VqLJQxgZA83Fo3jYDrF7oaSNEtGR9AfhjzTSNOAEAYAG9M-Z3Lmg5OezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=asuLohJPm0Q&uach_m=[UACH]&cid=CAQSPABpAlJWKN6H-R-XCdpWzdk7Ut1sYUV0Xd5ziwfmmd5qjnr3zV5NX5WRoYykH5SAuLjPM66OILi6tbHg7hgB&cbvp=2&vis=1
Requested by: Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame D87A 0
126 B 93ms
19ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kL2AGOm9E-ADwAKdg2ICAgAAAHobFO5qgn2yEDw59mSLcgOt6xwIso-pAAASAAAKCkFRVUJEd0VSRHc&wp=ZPY5PAAMoLEK3rkaAApXNTZr6kpTvR2achMang&cbvp=2

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 177962
server: Kestrel
content-length: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4ACC 1 KB
646 B 11ms
9ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 08:56:47 GMT
etag: 48472445140208031
expires: Tue, 05 Sep 2023 08:56:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 670C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cd1d6f58b9ec7c07ec6a0f5cf79db5110b1c999919dee0036a7c1206e847694

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2970 16 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 05 Sep 2023 07:13:23 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2970 34 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 13:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23828
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 05 Sep 2023 13:31:21 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4ACC 35 B
463 B 44ms
13ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO2qUeOGSstEsXiQlqsx4sQ&google_cver=1&google_push=AXcoOmRjPdtf0CQnP-XcBwCGLOnDfm6xQpKjpDKOMtE7R6FUssIGOBKtaoK8zFrIHX7ml_LPwyM23-P5YT51bikAvOuoNHHVDOM

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4ACC
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGLJfOMse5eG0u-1_1kkMRU&google_cver=1&google_push=AXcoOmSxBoqFEBbchQi1v-R8RIv-b4zIV8-kvzd7S1-pFWpFU9VsNSvjdiQkiSrLj4yc8Pmm4_ru97eVm9mfZmYB-luZjH9hyA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1F4E52B9199A414DBA6A58BBA45EC580&google_push=AXcoOmSxBoqFEBbchQi1v-R8RIv-b4zIV8-kvzd7S1-pFWpFU9VsNSvjdiQkiSrLj4yc8Pmm4_ru97eVm9mfZmY...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1F4E52B9199A414DBA6A58BBA45EC580&google_push=AXcoOmSxBoqFEBbchQi1v-R8RIv-b4zIV8-kvzd7S1-pFWpFU9VsNSvjdiQkiSrLj4yc8Pmm4_ru97eVm9mfZmYB-luZjH9hyA

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1F4E52B9199A414DBA6A58BBA45EC580&google_push=AXcoOmSxBoqFEBbchQi1v-R8RIv-b4zIV8-kvzd7S1-pFWpFU9VsNSvjdiQkiSrLj4yc8Pmm4_ru97eVm9mfZmYB-luZjH9hyA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 20:08:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4ACC
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEC4Pn7VDBeU6bAnoJqGsBAc&google_cver=1&google_push=AXcoOmR5QzbF8drrhpZOOvCHQefaMLaldapy0Z7PZt04Q8pcEYNpU4FrJV3TGziqWq_Hod-JC3Qsnd3Ek3AsM...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEC4Pn7VDBeU6bAnoJqGsBAc&google_push=AXcoOmR5QzbF8drrhpZOOvCHQefaMLaldapy0Z7PZt04Q8pcEYNpU4FrJV3TGziqWq_Hod-JC3Qsnd3Ek3AsM...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR5QzbF8drrhpZOOvCHQefaMLaldapy0Z7PZt04Q8pcEYNpU4FrJV3TGziqWq_Hod-JC3Qsnd3Ek3AsM0LbRRKBGcPv-g&google_hm=MC1aazlvYUktQTRDN1NZQj...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR5QzbF8drrhpZOOvCHQefaMLaldapy0Z7PZt04Q8pcEYNpU4FrJV3TGziqWq_Hod-JC3Qsnd3Ek3AsM0LbRRKBGcPv-g&google_hm=MC1aazlvYUktQTRDN1NZQjdMdno=

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 20:08:30 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR5QzbF8drrhpZOOvCHQefaMLaldapy0Z7PZt04Q8pcEYNpU4FrJV3TGziqWq_Hod-JC3Qsnd3Ek3AsM0LbRRKBGcPv-g&google_hm=MC1aazlvYUktQTRDN1NZQjdMdno=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 234
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4ACC
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKCl9e6MYAb-cN0tEQuG4j0&google_cver=1&google_push=AXcoOmRQ0qRy2EyhnbFBhw0gY8JxeZaBUo4IioS5WflTy27pdH-YmPcShkHVa_6mWsFBhah-y1rN7rPAQ3HxoKR...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=bP3ephG9W-dP-6vA76DEYlFfBSo&google_push=AXcoOmRQ0qRy2EyhnbFBhw0gY8JxeZaBUo4IioS5WflTy27pdH-YmPcShkHVa_6mWsFBhah-y1rN7rPAQ3HxoK...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=bP3ephG9W-dP-6vA76DEYlFfBSo&google_push=AXcoOmRQ0qRy2EyhnbFBhw0gY8JxeZaBUo4IioS5WflTy27pdH-YmPcShkHVa_6mWsFBhah-y1rN7rPAQ3HxoKRZeL1p-QR69WI

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=bP3ephG9W-dP-6vA76DEYlFfBSo&google_push=AXcoOmRQ0qRy2EyhnbFBhw0gY8JxeZaBUo4IioS5WflTy27pdH-YmPcShkHVa_6mWsFBhah-y1rN7rPAQ3HxoKRZeL1p-QR69WI
Date: Mon, 04 Sep 2023 20:08:30 GMT
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4ACC
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENoKtU-QoMy25BXL5DvEoKk&google_cver=1&google_push=AXcoOmSFLcpZdb7JmT8IvBkuxec5Ily1hY3WRCdJpisjG88bFVlDmIYsyWaJJgrH9JWfLe76GjkcF9SZURPN88QAO...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENoKtU-QoMy25BXL5DvEoKk&google_cver=1&google_push=AXcoOmSFLcpZdb7JmT8IvBkuxec5Ily1hY3WRCdJpisjG88bFVlDmIYsyWaJJgrH9JWfLe76GjkcF9SZURPN88QAO...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSFLcpZdb7JmT8IvBkuxec5Ily1hY3WRCdJpisjG88bFVlDmIYsyWaJJgrH9JWfLe76GjkcF9SZURPN88QAOeQrF1njL9k&google_hm=HRD4qGZHUa944QYPRu-ioRY4

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSFLcpZdb7JmT8IvBkuxec5Ily1hY3WRCdJpisjG88bFVlDmIYsyWaJJgrH9JWfLe76GjkcF9SZURPN88QAOeQrF1njL9k&google_hm=HRD4qGZHUa944QYPRu-ioRY4

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 04 Sep 2023 20:08:30 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSFLcpZdb7JmT8IvBkuxec5Ily1hY3WRCdJpisjG88bFVlDmIYsyWaJJgrH9JWfLe76GjkcF9SZURPN88QAOeQrF1njL9k&google_hm=HRD4qGZHUa944QYPRu-ioRY4
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 4ACC 0
44 B 706ms
230ms Image
text/plain 52.193.101.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEJoU9zBvs-ihNsPRuNEPBuc&google_cver=1&google_push=AXcoOmQyGSWI68geVzv9kHwFKJQkFFn6KmtSD2KVrxaPGaTG0xecRvcH8ROJ7_N8sNOFeiNq9Qns9t7H6IIj4LGK_vXXKo1rYq8
Requested by: Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.101.23 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-101-23.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
server: awselb/2.0

GET google
sync-dmp.aura-dsp.com/match/ Frame 4ACC 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4ACC 0
40 B 20ms
19ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IpcsW8RF0DZdc7FrT2C9P-KmpDdHavlBNd9fMJj5dWjVbYSA0fA9SDEGGa3AGTdDpYjc_rcw

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 670C
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=C8hkNPTn2ZLCkDMLwgAe2g5yICdXO3aJyudLQ47ARqsTT_IQxEAEglZvKIWCtAqAByYS5uQPIAQmpAl1KwPWwF7I-4AIAqAMByANIqgTtAU_QWD1zcpAXX18BffL1HbQbv2hj9PLHVh-K...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211738700704099641249%22,%22debug_reporting%22:true,%22destination%22:%22https://myderma.info%22,%22event_report_window%22:...

0
0

65ms
48ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211738700704099641249%22,%22debug_reporting%22:true,%22destination%22:%22https://myderma.info%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22925778505%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216283150731332330017%22}&andc=true

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11738700704099641249","debug_reporting":true,"destination":"https://myderma.info","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["925778505"],"4":["09-04"],"6":["true"]},"priority":"500","source_event_id":"16283150731332330017"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Sep 2023 20:08:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Sep 2023 20:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11738700704099641249","debug_reporting":true,"destination":"https://myderma.info","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["925778505"],"4":["09-04"],"6":["true"]},"priority":"500","source_event_id":"16283150731332330017"}&andc=true
access-control-allow-origin: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 58ms
41ms Preflight
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C8hkNPTn2ZLCkDMLwgAe2g5yICdXO3aJyudLQ47ARqsTT_IQxEAEglZvKIWCtAqAByYS5uQPIAQmpAl1KwPWwF7I-4AIAqAMByANIqgTtAU_QWD1zcpAXX18BffL1HbQbv2hj9PLHVh-KLSgiguxwv4PvC0EAtLs991MLjnTrmlhMVikwIxq6CiPG3_qPmdfaTYr1_B7UdXzpH_zvFMcLSe_PQawFA0ySIYJpT-XtpsYX_EqwllPadq1_VkpxpBrCBpvFs7fkuUM7kLGtgFR7hxr6he86QQVDOP8Sy4SyzxxhYVA_ch5P-iAQzv_zKGxmpH-LZTeJ5zDIaIJhPlZg3tDDksmHd-RpHwAvkptI1E2xNnlZCISicey-WJ7vemwTLLgRa_GncLAVO-b2fYBCAJXoDzGikfVsh7TQhMAE4qia1vYD4AQBiAWGlILPPpIFBAgEGAGSBQQIBRgEoAYugAef-8ZGqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQ9kbSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgk3aHR0cHM6Ly9wc29yaWFzaXMubXlkZXJtYS5pbmZvL2dub3Jpc2UtdGluLXBzb3JpYXNpLXNvdYAKA8gLAdgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=TK11cvAUBZI&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWHV4IK0klhpm3t7LGioIK7JfogL-mX_EgxdW7rWj17FShjV7hRA5L_iF2gWNIK5PE4MiqpYmXZxgB&template_id=419&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 20:08:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js Show response
pagead2.googlesyndication.com/bg/ Frame 7968 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js

Requested by

Host: abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 15:25:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14879
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Sep 2024 15:25:35 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CDF7 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPY5PAAMoLEK3rkaAApXNTZr6kpTvR2achMang&u=%7CCc%2FXZ6mmwoZPoGsEIMYXXbcU891GdnVpNOc%2FQZuFxLQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku44-A6-e-u9t-FhGlWRwZcn8ljnS57jnxEfTZN_ET87Pgj_O6hKIxlsPELOFJCxEuJfSaFHzKK8_8RL_WQHStj1tE2azHbA6GWiyXxrBh2vyEjFJ59Crjm04OmO0o10XdcwdIP8MAkYbVJYSSGhoRbamHIWYXWcOZb7-5vhfot7ybMIijtOwGG-0JefIYFDj3Ufu5duzoNBVsCpIYOaRbrd6hiI5ppJs8HBG22BqPo0vP3sYYMyipTeg3wASRruEqXz6AnzWAxgWNGjGcrTfsG0t5JoFNQXQ3PdEz0_8tqMttnFIrjN4DXa0BeFDcjiPeWF5dpNLyVQ7a35XwMBrm7yTsG58WGmIzh9CsdmXdjHKSvaKuOSQrGNiEaDhAitnTAFIF1b7MQ37owjpKJVOfwiLn0DrFvNLVjX_kyINOg1IQl-mu3tsYG4QphoL3jfZeYJYB6yWLSBx0h_Vn2vPwHXC4ffzSDK5fcdaxNbFZTKbtKGM-JKAvOu-6lYF8c5x-IHYch1fuzYVbggdU09uyT09zLSG6z8Ak1gxvPmCrNM1MwazRLGIG8cYdFPK8Av11SUafWwodAftGKZmJVtI8yvk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJzD_PDn2ZLHBMpry-ga1rqnADcme0rFc1Z2R93DAjbcBEAEgAGCtAoIBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLM01qRMR6yPuACAKgDAcgDAqoEjQJP0PQg7zUtCrv0hmzAw4WdQxSPVEkkbjr5O3-Hveu4lyADvm6dwPN5Yk5nPnsgVhjqUAvGVkgqCnAqAHN6dBhm8AzuxHZAm6-O-0f97kqs6CfBfavY5Wgq54pCNiMb6A0VDdSk9y_Uk9CH2qQ1zHaEs-o3sjUr5mvjSPK9lweZzuKQnVav603LPf3R2rgOUEDCZ7bdJDy4kWIyuCQKCpzCAVWM11p7_4hLZoS61HNk7yNLV6uOEJofWM_tUfL2GHwsHah_nIiJ6bwJqCAh7OMEi5l3znjo5U-5VHgXBjjSObCQKDxz4NxtVKgG5AAnQgEZfr7hCtnPFXL2FjPPaZkr4G6P2B9kJbDBi0ooBuAEAYAG9M-Z3Lmg5OezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1EsmUc3C9DNOCBWURiO0g2tMyN2Q%26client%3Dca-pub-3831894559014614%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 20:08:30 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame CDF7 2 KB
1 KB 25ms
23ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 20:08:30 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CDF7 308 B
636 B 24ms
24ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 29 Aug 2024 20:08:30 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CDF7 293 B
621 B 24ms
23ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 29 Aug 2024 20:08:30 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame CDF7 43 B
348 B 86ms
23ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=NjtRiaF3N0qfFyIH0tdehafOHKe8dhvSCEdI_5cyjabN-7mairRsWJO0FZzKr5DLzIjNtphqvvEldaCl43HBkDQJYFvqOJxPVCQIVo17QyIlaI8lXWGU7Bt7ZVIBzBdWpGO3VoDM8pi6BwYdvsmEPjEGQj_wYIA8DRiISB3CK1Hvfz0OCBHrMv3HA_uxp5Q8G-AIEsnLlEleSIhTvfFxNnTAjAMTCNpCDds6RQQGbv_JIk3e2pcMA_eKsHs0IatPds8QTRAGN3heB8krBF8Td_YcR7gSxbzAxvUftXGltxTtlM1NbUrWCHHzqt4eFqc8KfX7YgZCANvs8TTD9Itvu_4Pc8AVLwMZQliTJWT16hDElDqKxv-b8tqwt6lEXVe3ykcWElnnT6p0TxM3cdun_3hnI2Mtz2GUYEqJMfMXLhq56qaRhTQTO2BxgHbjOG7xNuLrAuNxy76mVQx2XmUeFEFfD_0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2442455
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame CDF7 12 KB
5 KB 44ms
23ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2254749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SajTHz9kg0n2lIzbnqUNCuTvtAFkFdMqlp100oURCjdwV6PJ2SyV%2BxwLZAriwG%2Fvwy7A4Z6QBTdEDk0tGXXZ8zPJvLNp2AGh9L%2BL5govTHYR4YOW8C2E0vcsLFcWDJ7MKnAEwAkO5wZTvs2N6xhqaeMy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8018dd63deea923e-FRA
expires: Sat, 24 Aug 2024 20:08:30 GMT

GET
H3 200 45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2970 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 15:25:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14879
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Sep 2024 15:25:35 GMT

GET
H3 200 BUTTON.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/ Frame 2970 5 KB
5 KB 10ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/BUTTON.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13bd645b5c3921222b7bf6646895bdff985d7361a1c974c887ec1108c146ebc9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 29 Aug 2023 16:52:50 GMT
x-content-type-options: nosniff
age: 530140
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5222
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 10:20:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Aug 2024 16:52:50 GMT

GET
H3 200 LOGO_MYDERMA.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/ Frame 2970 4 KB
4 KB 10ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/LOGO_MYDERMA.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fc8b39bfd0023c9b599d45fd68c716ff81c5ff2d1d33e644653e41599464c09

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 29 Aug 2023 12:16:46 GMT
x-content-type-options: nosniff
age: 546704
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4245
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 10:20:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Aug 2024 12:16:46 GMT

GET
H3 200 LEO_LOGO.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/ Frame 2970 3 KB
3 KB 13ms
11ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/LEO_LOGO.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7ad3bd49772769ef6e9f14eb6ca9c6378af8ac4c4e1d1a0cf0d669f95f35a62

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 29 Aug 2023 21:53:27 GMT
x-content-type-options: nosniff
age: 512103
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2613
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 10:20:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Aug 2024 21:53:27 GMT

GET
H3 200 F3_TXT.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/ Frame 2970 3 KB
3 KB 11ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/F3_TXT.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8a25d7dc14e55c4722d22fc284328e52efe16138e942fd1ab4a9075c20d29f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 29 Aug 2023 08:18:27 GMT
x-content-type-options: nosniff
age: 561003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3245
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 10:20:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Aug 2024 08:18:27 GMT

GET
H3 200 F2_TXT.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/ Frame 2970 6 KB
6 KB 13ms
12ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/F2_TXT.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adb727e7ca3e714e3f37212e50a834d488d6cb400e9ed21cdfab39c6ca797f4a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 29 Aug 2023 08:18:27 GMT
x-content-type-options: nosniff
age: 561003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5908
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 10:20:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Aug 2024 08:18:27 GMT

GET
H3 200 F1_TXT.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/ Frame 2970 2 KB
2 KB 11ms
10ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/F1_TXT.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cf57eed7aa19a3199ec71bb1ef426f8a5abc622bb01abdd434b9d1e94a1b517

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 29 Aug 2023 14:58:17 GMT
x-content-type-options: nosniff
age: 537013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2287
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 10:20:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Aug 2024 14:58:17 GMT

GET
H3 200 BKG.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/ Frame 2970 4 KB
4 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/BKG.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d31eeef55304ad76c511226fdaf6951b69108756466718b347efbf8921aa3fce

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17803003890646769197/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 29 Aug 2023 08:18:27 GMT
x-content-type-options: nosniff
age: 561003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4205
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 10:20:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Aug 2024 08:18:27 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CDF7 12 KB
6 KB 28ms
27ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 20:08:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 6 KB
6 KB 91ms
17ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F105705%2F4796699%2F1e5d67917b334d358f8f38d529f184cb_prm.png&v=3&w=956&s=FqAJNA9PoQkebi_mXqZ3SjTS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

584ad1210dafdd628f279971ba25f941adf65bab64efdc611f05e6691cc54079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 6070
expires: Sat, 03 Aug 2024 14:53:57 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 7 KB
7 KB 109ms
36ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FSS22-BLD0GN_30X_F1.jpg%3Fv%3D1640079015&v=3&w=400&s=uJPwiHezx35tPYy_-JRqlqDQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3119db9dc3bab926d2204135b533e1d4ed386d95d968ff8cecd93af84bd02a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 7126
expires: Wed, 07 Feb 2024 05:25:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 5 KB
5 KB 106ms
33ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FAA00-OBM0HW-88X_F1.jpg%3Fv%3D1683296923&v=3&w=400&s=TUdDPh6mmRBZpsbQfk1wtPAf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b43c74de12f84c09b76774dbc5c32b70c8ed015b5b1c2c5f16ae8c0f05636414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 4808
expires: Thu, 08 Feb 2024 21:17:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 6 KB
6 KB 106ms
33ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FAA00-OBM0I0-89X_F1.jpg%3Fv%3D1683301124&v=3&w=400&s=FPtTtnIqcvfhtM9yuxHshkXM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3f3219fdee7bdd2b59fd68169cfd07603bcc9e421b7d069a41318d9ceb1f7ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 6164
expires: Wed, 07 Feb 2024 11:42:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 5 KB
5 KB 111ms
38ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FAA00-OBM0HS-59X_F1.jpg%3Fv%3D1683295746&v=3&w=400&s=AhJlNRmK6ovx0F_5XE7Acy8g&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

774684720c1e616cda242ecf08b4d76930f1cc5ae90a4250142774286770d9fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 5282
expires: Fri, 09 Feb 2024 05:58:31 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 4 KB
4 KB 105ms
32ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FSS23-KLD0S0-01X_F1.jpg%3Fv%3D1680168761&v=3&w=400&s=-jwGF0JjtgCq3s3c3ias99PU&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a27eeba1ff4a63b0bd5b2ae5f28427e6a1244b75c2d05fbf68d33475289ee937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 3844
expires: Fri, 09 Feb 2024 05:34:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 5 KB
5 KB 44ms
43ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FSS23-OBU0SO-12X_F1.jpg%3Fv%3D1686117418&v=3&w=400&s=bSwWItBG_XEYJVImz3IsBvfZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2818a141607362ee290dce0da2e65cd5d3f45149e98215105f9de31e46e298fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 5000
expires: Fri, 09 Feb 2024 09:08:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 5 KB
5 KB 38ms
37ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FAA00-OBM0IW-88X_F1.jpg%3Fv%3D1684728131&v=3&w=400&s=G-HBo46-2Z6e6rFSSE9Yu3rh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fd72406387fd1700b3ae2e1b355ae2b780d8170975d25673efce57d39a73dfe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 5328
expires: Thu, 08 Feb 2024 06:27:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 5 KB
5 KB 50ms
48ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FSS23-KLM0CA-84X_F1.jpg%3Fv%3D1689082229&v=3&w=400&s=bH9YnZBlz08WUe9G4DSwCBaT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f90ae2310a9e571e92ba6420852508b81c2ed76fc8dc68f739af63c8708e6e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 4874
expires: Sat, 02 Mar 2024 20:26:06 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 9 KB
9 KB 73ms
71ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FSS23-OBM2IT-00X_F0.jpg%3Fv%3D1686051764&v=3&w=400&s=4EZrCE5IylZLP1Kv91WiOvA0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e0d4a3e6d249b72bd0dc21d03c80d6a2d2faa38423e3534b0844453e764b73d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 9152
expires: Wed, 07 Feb 2024 13:24:59 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 6 KB
6 KB 51ms
49ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FSS23-OBM2M7-91X_F1.jpg%3Fv%3D1689656685&v=3&w=400&s=7lqHhHUP380U5KobfkgAMvrW&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d6e4f7be9a908c6a3daff3a1893260a12b06935e6e44ac849031b03f67187b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 5870
expires: Wed, 21 Feb 2024 08:37:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 6 KB
6 KB 70ms
69ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FAA00-OBM0IJ-12X_F1.jpg%3Fv%3D1683291061&v=3&w=400&s=DPJnm2M-462X5v4p9yoPoYWx&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5ddb4b497caad77b24d803657c9ee0c6f4e50e385c95008e630457329aae0faf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 6076
expires: Thu, 22 Feb 2024 11:07:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 8 KB
8 KB 71ms
69ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FAA00-OBM0IY-88X_F1.jpg%3Fv%3D1684729219&v=3&w=400&s=07nJV9RoNZxntUUm-FYg7w45&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e49214bab95d8a8982020d06affd0bb6996e55b2614c1217d20359ab20766f4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 8152
expires: Wed, 07 Feb 2024 15:34:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 4 KB
4 KB 75ms
74ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FSS23-KLU067-12X_F1.jpg%3Fv%3D1689572084&v=3&w=400&s=o33FQ4elDJN2nbc2o3p4o8P3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9ee1759c0647e920aa0a39f53b363750e5a0474113d225013e188ca3fa4e6580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 4142
expires: Wed, 21 Feb 2024 08:48:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 6 KB
6 KB 70ms
68ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FAW23-KLM03U-81X_F1.jpg%3Fv%3D1690345580&v=3&w=400&s=_uWDZTe_OsVA63BULqzXJXO7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

47f33464f4de8093652b02769261e6cda0386506fcb035edfbb70c49efb6e795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 6082
expires: Sat, 02 Mar 2024 06:38:16 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 6 KB
6 KB 69ms
67ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FSS23-KLD16U-10Y_F0.jpg%3Fv%3D1686048989&v=3&w=400&s=EK3FC9HvHBNlDvObWfWzkYjo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7c4328eb6b5589ce8b1bf51e051489b1a217aca5f3c85dcd029f89930b954842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 6448
expires: Fri, 09 Feb 2024 00:11:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 4 KB
4 KB 75ms
73ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FSS21-KLD0ZH_99X_F1.jpg%3Fv%3D1615963598&v=3&w=400&s=EVQF_lIwxxeKhGkmZFXfnmpU&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3f85e4758234ee9f686b4f450b19b41f66ad9d190d83cac719d4a9535c940425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 3762
expires: Thu, 08 Feb 2024 06:58:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 5 KB
5 KB 76ms
74ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FSS23-KLU062-99X_F1.jpg%3Fv%3D1689656566&v=3&w=400&s=kdH9Uh61vImL6k0hjNEfKQYV&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8b3760fd1c0978ee33bacfd276e587b1a60992c608e477c37ffee082cb08a1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 5274
expires: Thu, 22 Feb 2024 09:16:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 7 KB
7 KB 72ms
71ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FSS23-OBM16J-99X_F1.jpg%3Fv%3D1680757267&v=3&w=400&s=CC8yn7JhS2I5AQhm3GBRoVn6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0744e0977ee49f36068545961c335a86f87a70fbc8a009d26c49b7d6998a0220

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 6838
expires: Fri, 08 Mar 2024 02:18:22 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 9 KB
9 KB 75ms
74ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FSS23-OBD28O-00X_F1.jpg%3Fv%3D1676557016&v=3&w=400&s=XOTrbi4mYU_GKw4-W7Rudf6T&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

994561937bd64b1dacecb0658dd27c6a1120d74b14fbbed9c2bfbea7f8ed6cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 8710
expires: Fri, 09 Feb 2024 18:04:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 3 KB
3 KB 71ms
70ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FSS23-OBM2JW-00X_F1.jpg%3Fv%3D1685520999&v=3&w=400&s=_8WMGpfnr2ALyX8EHmusERWJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aafea96ad669e9a3dc0c9faea9bf5ead00c0378cf99ed5a1e450a3d284b45191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 2944
expires: Thu, 08 Feb 2024 07:57:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CDF7 7 KB
7 KB 74ms
73ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107323&q=80&r=0&u=https%3A%2F%2Fimg2.ans-media.com%2Fi%2F855x1290%2FSS23-OBU0IA-99X_F1.jpg%3Fv%3D1684651466&v=3&w=400&s=1AASlkGETg4sDhXOeU7rj0cb&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

16107109a34eff5ca83a72994e64d8a269b511b5c6a1f1276c79d0a2955418e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=16070400
content-length: 7440
expires: Fri, 08 Mar 2024 05:32:16 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CDF7 0
128 B 79ms
17ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=iDX_coU6GqYy931geBWbyBYykIEMTrwnAm7jiC4K7HX5pacg-UImE3lvP7xIqEeoyRN41O0LuPW3PB1slIeQWMq2zL4LCmichgeox_YQpQy1-00v7-YuqxFrVd1dNxXX7h8P6EyIUjUrRXI5uc4vfj294XrZGn49418Vepo73RF1xpApH8Or-R8KRJapM3wzLH4w265YcMM642PyPkFmBOorRQawADD_5s8gqxuXR7zQy5sgaTNFDpSh_8bMElMXe4KGRg&sds=2&rev=88100&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 20:08:30 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CDF7 2 KB
1 KB 24ms
23ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 20:08:30 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CDF7 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 20:08:30 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 73ms
43ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 20:08:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 inter-400.css
static.criteo.net/design/googlefont/inter/ Frame CDF7 2 KB
838 B 22ms
21ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/inter/inter-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d1e4270567b8ca85bf6aab1789c2d124c938d80644524925c32601af533b53da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:02:29 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ee75-7f2"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 20:08:30 GMT

GET
H2 200 inter-700.css
static.criteo.net/design/googlefont/inter/ Frame CDF7 2 KB
839 B 23ms
22ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/inter/inter-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2fb07ad4c1ce0076c6d51c018894025c404f625a983978f5040f46e2b5dbde08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:02:30 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ee76-7f2"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 20:08:30 GMT

GET
H2 200 inter-400-latin.woff2
static.criteo.net/design/googlefont/inter/ Frame CDF7 16 KB
17 KB 79ms
46ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/inter/inter-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/inter/inter-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b53a4c04ef649194536ca97140e5f67e22db7ec42070a359125732b2f9828a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/inter/inter-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:02:29 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ee75-4144"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 20:08:30 GMT

GET
H2 200 inter-700-latin.woff2
static.criteo.net/design/googlefont/inter/ Frame CDF7 17 KB
18 KB 61ms
38ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/inter/inter-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/inter/inter-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

865a2acfe5acd46e5c0e73e136e4f301e66a1345b3577f3e2996cbdcd6bcd2af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/inter/inter-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:02:30 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ee76-4578"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 20:08:30 GMT

GET
H2 200 inter-700-greek.woff2
static.criteo.net/design/googlefont/inter/ Frame CDF7 8 KB
9 KB 63ms
41ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/inter/inter-700-greek.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/inter/inter-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ee1d961d9dd4c8e190abab9008cba30d5b80d6434de370c90cee1b8a195243c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/inter/inter-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:02:30 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ee76-20f4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 20:08:30 GMT

GET
H2 200 inter-400-greek.woff2
static.criteo.net/design/googlefont/inter/ Frame CDF7 8 KB
8 KB 18ms
18ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/inter/inter-400-greek.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/inter/inter-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

197644aee3a8adaa55a257f9fc2b44b53bdafd55e73fe29cc9789fdb7c44793c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/inter/inter-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:08:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:02:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ee74-1f00"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Aug 2024 20:08:30 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D87A 42 B
64 B 114ms
113ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrg8AxhDOFS2hfjGyV4b-mZTkHJ8jevrTaMa6-2VG8vv8mKYza5Y3iIWz_h17PDuPCnAy1PPj-xq68LAf3dw7ke_M_vsu99DQp4qs&sig=Cg0ArKJSzIpINhd-zrADEAE&id=lidar2&mcvt=1000&p=298,560,618,1040&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4228963507&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693858109032&rpt=842&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 670C 42 B
64 B 117ms
116ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8XrQhfUdQIhmwEmClXMUkhHiSFSpUfJKBsmFW0kdYhiM2Za-QlKe9sK9-tB0GIbqjI0I4FZhYi1KyQUoch2KnJe-TaMWsOFsCqrHOmLwYbvQQCnd_woSZhB5C0TyJ-zpXn-iAbYksjIMu&sai=AMfl-YSIKee5T8dz0B0w_NEwoNdvIcd_xyH0uRFITYNL_FqjvS1YiUnSGEh4eatofx0l6KcCry1CunEB1Qu5HKunQcGYwCjQyIclJEBJ-l5DWWmqg8Ae5ozcXQR0qJUj&sig=Cg0ArKJSzPrvzJCH3YbTEAE&cid=CAQSPABpAlJWHV4IK0klhpm3t7LGioIK7JfogL-mX_EgxdW7rWj17FShjV7hRA5L_iF2gWNIK5PE4MiqpYmXZxgB&id=lidar2&mcvt=1001&p=1110,436,1200,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=806473613&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693858109758&rpt=165&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CDF7 0
127 B 28ms
28ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 20:08:30 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 16ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GC2VPDBYKB&gtm=45je38u0&_p=2000003253&cid=258808240.1693858108&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1693858107&sct=1&seg=0&dl=https%3A%2F%2Fimgsed.com%2F&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20imgsed.com&en=scroll&epn.percent_scrolled=90&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 20:08:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuh1Ymz_bKkmGaNx8zojbQ5bUzw3e_rxDZ9FO7mcouDxVQ0nS4yUpEN8sb0YZrttYK9e9XWFsCUxURtl-CoE1QqwTtYwgroFIY4RBa-6mqdrJISJC-Nrlfp7AvAtJQ_bWcC9a8oJAfNbDQbRACphyPein3y2GfG4WGI5axStWfousLuOMd7yShokBgQlOtbBXngsNrTVNPGCgP7PTNbEE6h4Uwdxjom5gK35cysnijXBcYZ92agHhXzAIlywFEnhirQVuv2PXhUDoNE68GUNWIjKDWkO3wFFjQxpme595fxhjc2tyh8XHzaKpNixqwc-FjKf1ngq0gunwFvp9fDCbHJtn70O2oyCN7soDhOoLbh6jbBpgQsVhQfwKUnud87AB-ZfTSzx2tl&sai=AMfl-YRR4o_p6gO8yHgAjwbhqn9x6Q4QOjK1jVDKJh3TzffwAC2QHY3wnWqrtLnZ19FcoXgTjvLKEtz1VopzcP40fRb0gmQeEtzutu4miFDb98notF0-0IfjpJq-jW3bhbfb3_GKMyZ-ey8E4xEJ7kx0&sig=Cg0ArKJSzAfPm_-jgFYREAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIxYcTv-ZhBdzCVE_Va0822NoBelop2eqAWMEWkQgShf6krQGT4HlmzWuvt_OGfcECOgD-I-CyRVABDwucTaWA3zB_ceVVrarft0FfFQCBrRtt0P1cNSWmtD_vclq0vv21j9ojeX62QNi16lDgnu3kY2BvMezGHr3iDpBenfHDW08ddL4UcUt5NZ4dEsKc3-1pLVGg5MKXn3vPxlS8OeRvg4O2Cwxl6POWhk3TsO4jMCYw-_p3B6CqNZ_4SC1eGpSgRchxPlcPrmro0AlibXdz-iqse1SntT7jnGMTVGZogNFwxBsmqoO20WbXdqFVUs0J6HznC2Mh7zNmg055pMkXcZq7UhMq0p8yh4nninrWh0h3191Bru39eMIyMO8oLqkEoV4vDhDO&sai=AMfl-YTCF_exjjgJsK-m_xidBXpZl7eLfa87ViSJIQZ-7VrVEJEt-9GJeaL0YvWDbad_3tTiyx_b8Y3J8d3CgNe2Wg2r5S-utGd-UXFTRF_2564GUNNel9B-cHsPmKL_cg&sig=Cg0ArKJSzMXvuUR4k8HCEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: sync-dmp.aura-dsp.com
URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEFbPhYv38BD9686FhyfWpzg&google_cver=1&google_push=AXcoOmRnFl9FiEFeWFBAR63dAZeAymsYoZqib3DxjP5mAomGZ3KLs1y-8OzPCIaQjre8ZO-sBF48lvvdSMQXsuV9KD0pw-fcAkUu

Domain: sync-dmp.aura-dsp.com
URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEPxdKmnT-uCkVdEVDB46LtY&google_cver=1&google_push=AXcoOmSS_o5w1Rq0-iANdVGU6gGKrWD2mzSin-4G8i2O2kWI5BnTc2gRK6JHqND6PaaHlaAIIrIRVL_fyxRdCBJCVNwWr4nqfXwt

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imgsed.com/	1970-01-21 00:06:58	Name: _ga Value: GA1.1.258808240.1693858108
.imgsed.com/	1970-01-21 00:06:58	Name: _ga_GC2VPDBYKB Value: GS1.1.1693858107.1.0.1693858108.0.0.0
live.demand.supply/	1970-01-21 00:06:58	Name: demandSupplyTi Value: b2b6adfa-0874-4d00-b52d-562e15658b7b
.demand.supply/	1970-01-20 14:30:59	Name: __cf_bm Value: iKwlg376ZSkpkPjRNcoey5fGtJCKvXdgXXqnvKuYszQ-1693858108-0-Ab3D8usMRkuKGoSInAjPj6ltpDWdJCzlO32x2m6QX0waWX/rbDl9cdClV3cWjszaVpGpELUmR8F7D7j3JUW68dI=
.criteo.com/	1970-01-20 23:52:34	Name: uid Value: fb66b45a-f415-4908-9e39-aa0ea17dd501
.imgsed.com/	1970-01-20 23:52:34	Name: cto_bundle Value: eBQBM19PNWJHWGlLekhRWXc3Y3F3JTJCYmtCcnJKeFM1bEZ1ckNyMGxiNGxhd3dtaWlUYlBkdDNLSXhzUkpyMHpzZVJIZHFmemhMaWJZTzVaSnNtRzcxVFFLVXZ6ayUyQiUyRiUyRmZjRktmY3ZBd1lKVXNqVGJjJTJCVGs3d3pMMnZpT2QwbXpURGJQNHZIVEFnOCUyRnJhTXUlMkY2QThFSjJOb2d3QSUzRCUzRA
.imgsed.com/	1970-01-20 23:52:34	Name: __gads Value: ID=e2ef7b13cfeebbcc:T=1693858108:RT=1693858108:S=ALNI_MaSA_f0HJN-6H9TsTsYwU3qXgLULQ
.imgsed.com/	1970-01-20 23:52:34	Name: __gpi Value: UID=00000c6f0ba8ffd7:T=1693858108:RT=1693858108:S=ALNI_MbvxStHrXu_JbNEa3kT99xFCgUTIw
.doubleclick.net/	1970-01-20 23:52:34	Name: IDE Value: AHWqTUnOUSPw03GbQ7RGg-2eCTo2ND-W0_HgvhRl1H3FcyaYjsne5g8zIGEmLLaoR0A
.simpli.fi/	1970-01-20 23:18:00	Name: suid Value: 1F4E52B9199A414DBA6A58BBA45EC580
.adform.net/	1970-01-20 15:14:10	Name: C Value: 1
.adform.net/	1970-01-20 15:57:22	Name: uid Value: 1864702858295612851
.quantserve.com/	1970-01-20 16:40:34	Name: d Value: EF4BCQHvKYEA
.quantserve.com/	1970-01-21 00:01:12	Name: mc Value: 64f6393e-049a5-8867c-d16c8
.lijit.com/	1970-01-20 23:16:34	Name: ljt_reader Value: HRD4qGZHUa944QYPRu-ioRY4
.googleadservices.com/	1970-01-20 16:40:34	Name: ar_debug Value: 1
sync.srv.stackadapt.com/	1970-01-20 23:16:34	Name: sa-user-id Value: s%3A0-6cfddea6-11bd-5be7-4ffb-abc0efa0c462.xB%2Bt8WJob0kuW346SorMfycHzv%2FeRFh3HIfpdhh0wOs
.srv.stackadapt.com/	1970-01-20 23:16:34	Name: sa-user-id Value: s%3A0-6cfddea6-11bd-5be7-4ffb-abc0efa0c462.xB%2Bt8WJob0kuW346SorMfycHzv%2FeRFh3HIfpdhh0wOs
sync.srv.stackadapt.com/	1970-01-20 23:16:34	Name: sa-user-id-v2 Value: s%3AbP3ephG9W-dP-6vA76DEYlFfBSo.77nRy%2BNWeyHE6%2B9x89M%2FTqsMDE7UKYI%2FHC7ejA1y1lw
.srv.stackadapt.com/	1970-01-20 23:16:34	Name: sa-user-id-v2 Value: s%3AbP3ephG9W-dP-6vA76DEYlFfBSo.77nRy%2BNWeyHE6%2B9x89M%2FTqsMDE7UKYI%2FHC7ejA1y1lw
sync.srv.stackadapt.com/	1970-01-20 23:16:34	Name: sa-user-id-v3 Value: s%3AAQAKIBTaz_YxPrJbo_1PlWiB75s7O7fAbbADPdFB2AIcd9QrEHwYBCC-8tinBjABOgRDMKv5QgRATQWV.HP8nnZEf3Q6ehftD9xvHOhucLqPrk5JzgZc7tj3ngN4
.srv.stackadapt.com/	1970-01-20 23:16:34	Name: sa-user-id-v3 Value: s%3AAQAKIBTaz_YxPrJbo_1PlWiB75s7O7fAbbADPdFB2AIcd9QrEHwYBCC-8tinBjABOgRDMKv5QgRATQWV.HP8nnZEf3Q6ehftD9xvHOhucLqPrk5JzgZc7tj3ngN4
.zemanta.com/	1970-01-20 23:16:34	Name: zuid Value: 0-Zk9oaI-A4C7SYB7Lvz

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abdb560ff85e40a9c80da2dc486c10b8.safeframe.googlesyndication.com
ads.eu.criteo.com
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
c1.adform.net
cat.fr3.eu.criteo.com
cc.adingo.jp
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
gum.criteo.com
id5-sync.com
imageproxy.eu.criteo.net
imgsed.com
invstatic101.creativecdn.com
live.demand.supply
mug.criteo.com
pagead2.googlesyndication.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s1.imgsed.com
securepubads.g.doubleclick.net
static.criteo.net
sync-dmp.aura-dsp.com
sync.srv.stackadapt.com
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
securepubads.g.doubleclick.net
sync-dmp.aura-dsp.com
www.googletagservices.com
108.139.243.81
141.95.98.65
142.250.186.130
142.250.186.98
178.250.7.13
178.250.7.9
2001:4860:4802:32::36
216.52.2.6
2600:9000:2250:e400:a:e047:753:6381
2606:4700:10::6816:3456
2606:4700:20::681a:b84
2606:4700::6810:5914
2606:4700::6810:8516
2606:4700::6811:180e
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:80e::2001
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2008
2a02:2638:3::c
2a02:2638:d::11
2a02:2638:d::13
2a02:2638:d::2
2a02:2638:d::4
2a02:2638:d::c
34.251.225.99
34.96.70.87
35.156.208.169
35.204.74.118
37.157.6.232
50.31.142.159
52.193.101.23
54.160.39.45
0744e0977ee49f36068545961c335a86f87a70fbc8a009d26c49b7d6998a0220
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0907ee0a03065a9961ed6537e9277551f907d6a2b93c4f806af88aeefa5e6445
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf57eed7aa19a3199ec71bb1ef426f8a5abc622bb01abdd434b9d1e94a1b517
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
13ba34cee08af4656fe17a46da5bc47599bde585f124930523cc10fe6f0974b5
13bd645b5c3921222b7bf6646895bdff985d7361a1c974c887ec1108c146ebc9
16107109a34eff5ca83a72994e64d8a269b511b5c6a1f1276c79d0a2955418e2
18f0718cfd5b7263053a63c3ab923cdbfd9fad28698c09b73966cf0591350803
197644aee3a8adaa55a257f9fc2b44b53bdafd55e73fe29cc9789fdb7c44793c
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
2243ce0f44701e48d3bfbe2df4342a33db4f0ff39444089c1c3d0b9637ac68d5
22ad987b07747c5c3d4f22e8180c4fffac7c6e323cf9661042f2a690cc0d0271
22c15261262c5e2f2a66b8f7569c0dd504f21a19e0c7c98a5144c2278c72c666
2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb
273e1e8e6099b96ffefbcfd6da0b7e06b3854c5044943159cfa5324800056fd2
2818a141607362ee290dce0da2e65cd5d3f45149e98215105f9de31e46e298fd
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2fb07ad4c1ce0076c6d51c018894025c404f625a983978f5040f46e2b5dbde08
3119db9dc3bab926d2204135b533e1d4ed386d95d968ff8cecd93af84bd02a69
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34b48c08cd364d87f2d9815b2f2f14c95f6c0aac55f1d686a12d35da1911a5b6
3685a3529d6bdee4fac584a8396707799110ceda2c9b01baa4147b2429ce3040
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3f4300c748c5c4fd8afc45978d3839203a189cb7d8bd7af90cd21e7641f7ce3c
3f85e4758234ee9f686b4f450b19b41f66ad9d190d83cac719d4a9535c940425
40ea665935aa6bd853b7c8b7297bed3409aa15f24c3d2bbb45798a6a5866cf41
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
47f33464f4de8093652b02769261e6cda0386506fcb035edfbb70c49efb6e795
4bed1a59ce85539fa25e28cde62f734b814d9a0e37c71466ba601d9a5737edf0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb7a2ba33082e2e7e8f36a4a7e2a04d39393b368d926be480c93f8e44e82767
4fc8b39bfd0023c9b599d45fd68c716ff81c5ff2d1d33e644653e41599464c09
532bff59171bc0e31738e2854fd5899b3712da2a2ea6263f98379a60dec48e95
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564cffc8af818941bcf5a848e4c29fe86fa11d82b6ba2f2f2e1dd6775ce5e17a
584ad1210dafdd628f279971ba25f941adf65bab64efdc611f05e6691cc54079
5a8a25d7dc14e55c4722d22fc284328e52efe16138e942fd1ab4a9075c20d29f
5ddb4b497caad77b24d803657c9ee0c6f4e50e385c95008e630457329aae0faf
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
6001ebdedf778704db83ddc2288a754578cf020e71618c15627955ded42ae4cf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
774684720c1e616cda242ecf08b4d76930f1cc5ae90a4250142774286770d9fc
7c4328eb6b5589ce8b1bf51e051489b1a217aca5f3c85dcd029f89930b954842
7cd1d6f58b9ec7c07ec6a0f5cf79db5110b1c999919dee0036a7c1206e847694
8096af6b3e98ec4d35d492edaa88910bc1f197e6d7d14a3a9617a98e4272349e
865a2acfe5acd46e5c0e73e136e4f301e66a1345b3577f3e2996cbdcd6bcd2af
8b3760fd1c0978ee33bacfd276e587b1a60992c608e477c37ffee082cb08a1f3
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee1d961d9dd4c8e190abab9008cba30d5b80d6434de370c90cee1b8a195243c
94d66e443009847e50a6145b2e4718d6a5d182858e53806dad913edf1f37b884
994561937bd64b1dacecb0658dd27c6a1120d74b14fbbed9c2bfbea7f8ed6cf0
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ee1759c0647e920aa0a39f53b363750e5a0474113d225013e188ca3fa4e6580
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a27eeba1ff4a63b0bd5b2ae5f28427e6a1244b75c2d05fbf68d33475289ee937
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aafea96ad669e9a3dc0c9faea9bf5ead00c0378cf99ed5a1e450a3d284b45191
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
adb727e7ca3e714e3f37212e50a834d488d6cb400e9ed21cdfab39c6ca797f4a
aded03f1ca44630a34f855e894d6b28d4a1eba327fc35516dc8ef3d171ad90bc
af1aa0a689b2345b750b54b4505d7a154b3b5cb46d4577d88a4c96d10e36c502
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b43c74de12f84c09b76774dbc5c32b70c8ed015b5b1c2c5f16ae8c0f05636414
b53a4c04ef649194536ca97140e5f67e22db7ec42070a359125732b2f9828a66
b7f7b4d4ef31836eb7a95af9e7c212ee1ad1ee0cd20f75d298ee708fb7eb0a77
b8418b3b3401e9ba6f3a17a15fd7f27d3633cda58ba129231631c07720435499
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c5897c881edcb864a0de7c4b79772d0c460568ccd74c3f720283fa6060a04c96
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
cb6e82c778ef6dfc00a03d7fd8eae8588c7f839163e487cf2c00428319ca8114
d1e4270567b8ca85bf6aab1789c2d124c938d80644524925c32601af533b53da
d31eeef55304ad76c511226fdaf6951b69108756466718b347efbf8921aa3fce
d6e4f7be9a908c6a3daff3a1893260a12b06935e6e44ac849031b03f67187b48
dcee99a98a72212441b7740bd71c6585a33232466f36c9ff5f54431895e72143
e0d4a3e6d249b72bd0dc21d03c80d6a2d2faa38423e3534b0844453e764b73d5
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e24a0a66f1559c76d6f08e3729aeffd1f429a98c7c5ca2b94d354e439ae5a88b
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f3219fdee7bdd2b59fd68169cfd07603bcc9e421b7d069a41318d9ceb1f7ca
e49214bab95d8a8982020d06affd0bb6996e55b2614c1217d20359ab20766f4a
e56ab353297f5780781dd4c5efb8264093c43ca4ab719e21f13c9bf48f47300d
e5b44ada2a78ae7e065d0653a2d6f85d71f803564e34a3bbd1ba915d4c6e5cca
e7ad3bd49772769ef6e9f14eb6ca9c6378af8ac4c4e1d1a0cf0d669f95f35a62
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3d6371d6f0798b861794c10d19a46e13b1a4c23d0d57826c1a0f6fadf4d569
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f90ae2310a9e571e92ba6420852508b81c2ed76fc8dc68f739af63c8708e6e25
fd72406387fd1700b3ae2e1b355ae2b780d8170975d25673efce57d39a73dfe0
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

imgsed.com Open in urlscan Pro 2606:4700:20::681a:b84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

155 Requests

90 %HTTPS

58 %IPv6

27 Domains

39 Subdomains

32 IPs

7 Countries

1057 kBTransfer

2709 kBSize

23 Cookies

1 Outgoing links

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

imgsed.com Open in urlscan Pro
2606:4700:20::681a:b84 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

90 %
HTTPS

58 %
IPv6

27
Domains

39
Subdomains

32
IPs

7
Countries

1057 kB
Transfer

2709 kB
Size

23
Cookies

155 HTTP transactions
4 data transactions