imgsed.com Open in urlscan Pro
2606:4700:20::ac43:4970 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://imgsed.com/
Effective URL:
https://imgsed.com/
Submission: On October 23 via api (October 23rd 2023, 9:25:59 am UTC) from US — Scanned from DE

Summary HTTP 140 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 37 IPs in 8 countries across 36 domains to perform 140 HTTP transactions. The main IP is 2606:4700:20::ac43:4970, located in United States and belongs to CLOUDFLARENET, US. The main domain is imgsed.com. The Cisco Umbrella rank of the primary domain is 465612.
TLS certificate: Issued by GTS CA 1P5 on October 3rd 2023. Valid for: 3 months.

This is the only time imgsed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:a84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::ac43:4970	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 12	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:b400:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:225... 2600:9000:2250:e000:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	52.48.43.143 52.48.43.143	16509 (AMAZON-02) (AMAZON-02)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	188.166.17.21 188.166.17.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	37.157.2.228 37.157.2.228	198622 (ADFORM) (ADFORM)
4 4	70.42.32.159 70.42.32.159	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	69.166.1.67 69.166.1.67	27630 (AS-XFERNET) (AS-XFERNET)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.2.38.181 52.2.38.181	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:b2c6:d996:450e:d342	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
140	37

1 2606:4700:20::681a:a84 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

imgsed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4970 (United States)

ASN13335 (CLOUDFLARENET, US)

imgsed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1.imgsed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:b400:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:e000:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.43.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-43-143.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.17.21 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.228 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.159 (United States) 4 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.67 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.38.181 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-38-181.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:b2c6:d996:450e:d342 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	316 KB
27	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	310 KB
19	demand.supply live.demand.supply — Cisco Umbrella Rank: 48122	40 KB
7	gstatic.com www.gstatic.com	58 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	104 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
5	imgsed.com 1 redirects imgsed.com — Cisco Umbrella Rank: 465612 s1.imgsed.com	13 KB
4	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 637	2 KB
4	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1906 google-bidout-d.openx.net — Cisco Umbrella Rank: 1919 rtb.openx.net — Cisco Umbrella Rank: 912	910 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 ajax.googleapis.com — Cisco Umbrella Rank: 405	32 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541	7 KB
3	yahoo.com 1 redirects connectid.analytics.yahoo.com — Cisco Umbrella Rank: 5736 ups.analytics.yahoo.com — Cisco Umbrella Rank: 363 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491	10 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1156 id5-sync.com — Cisco Umbrella Rank: 470	31 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 153
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 542	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 967	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 985 s.tribalfusion.com — Cisco Umbrella Rank: 2451	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 649	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 643	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223 Failed	118 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1164 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073	12 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250	304 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1484	712 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 5702	609 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	63 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343	573 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1111	401 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2536	550 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 416	773 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931	3 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2587	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2118	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1319	5 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 728	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	91 KB
140	36

	Domain	Requested by
27	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com imgsed.com 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com www.gstatic.com
19	live.demand.supply	imgsed.com live.demand.supply client
12	cm.g.doubleclick.net	7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
12	securepubads.g.doubleclick.net	1 redirects live.demand.supply securepubads.g.doubleclick.net imgsed.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com imgsed.com 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com www.googletagservices.com
7	www.gstatic.com	imgsed.com 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.com	2 redirects tpc.googlesyndication.com imgsed.com
4	b1sync.zemanta.com	4 redirects
3	googleads.g.doubleclick.net	imgsed.com 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
3	7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	s1.imgsed.com	imgsed.com s1.imgsed.com
2	www.googleadservices.com
2	secure.adnxs.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	sync.1rx.io	2 redirects
2	c1.adform.net	2 redirects
2	fonts.googleapis.com	7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com imgsed.com
2	www.googletagservices.com	securepubads.g.doubleclick.net imgsed.com 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
2	id5-sync.com	cdn.id5-sync.com
2	oajs.openx.net	1 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	region1.google-analytics.com	www.googletagmanager.com
2	imgsed.com	1 redirects
1	sync.inmobi.com	1 redirects
1	rtb.openx.net	7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	fksnk.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	s0.2mdn.net	tpc.googlesyndication.com
1	ajax.googleapis.com	tpc.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.go.sonobi.com	7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
1	match.adsby.bidtheatre.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com
1	ups.analytics.yahoo.com	connectid.analytics.yahoo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	imgsed.com
140	50

This site contains links to these domains. Also see Links.

Domain
sulvo.com

Subject Issuer	Validity	Valid
imgsed.com GTS CA 1P5	`2023-10-03` - `2024-01-01`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2023-08-15` - `2024-02-08`	6 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://imgsed.com/
Frame ID: EEDC3ACB4C8F3FDF90632470409FAF90
Requests: 53 HTTP requests in this frame

Frame: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D2F778D4BBD38A74AA89E4523300F8C3
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=imgsed.com
Frame ID: 7B46083AD6335CCD16039BD9296622EC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2F1229AFBD645CEA52649493A33C4D4D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 26D2DFB3384FCF5FB75E9E3E326F2B99
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F5B5BED520F563C7EFC48637E2989CBF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCkLqVmCSucE_X-PCkkdJdrROax9OYqGYZooo4g8-NIvCGc5hfzN_tRWrvHUuvy1DOYhxRHGv6gK8oE_4Q32EjN0fSmlEcTj3G5d69jR-YTiqT3GdPQH8Favieo1AzsmxQ7mDxvqZiUYifq9UsRtnS1vTriov0UuqT_K190RavVpyWoetdWy-_oWsQr2MRKUapCc-lHeypAd8UZC4DnN7I5pchD4z2lOdMzTD-3V3yKSj85dUwPBM9r_BMxBXSg9lTyia1gJh-lOwNqAC-2_X5v8YXzbbSnhCz5oxkKsk4AIeaufi6zw1oK_ozEdVcHDusnk3FSyNPkX9ddJayXbclCWDjBulyeJoGOPtgoUxv7CKTCE5bAFoCnWeyEM-4SA4vFs1nmWv56k9LfPoPDlIXHuSliH7OplsXGCCrqw&sai=AMfl-YTlYw00hlu6BL6FtMxYDtIlHEAywyP7ViUyVl3t3YYQ711U0jUdS-tpKgXQJpSIr7fxh1q4RClhvNJFbNYsWkoOXr8HesP-1Iv7naepJow1sOfivS3O_Zw-DQef7NUC69gXi7CAcsAyXdWiwjQ&sig=Cg0ArKJSzPJ-n07Bs6tEEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3B350AA29B2AB57133F902C80EE7F080
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuajxZyEAnAZM0I1LoTgMHwj0DcJN_exIXVNxafU1tnBYWJSp7W6JDRtXiY2sBLbXqPhT-Q4P9LPSBmiM7-xWAS9p4MQpFj4ZRemCa_4l6Bo5GDeZDWX-dArN4VpGsHH_-g0RSz_6bfMVDLS2reOAaem3eMXJQxu3qBwDDO05TP8Vipe4Pigi10MlXOt1vA7ymHjSKloaT-EcvQYwcZ64RdxvQ1NqwJ8kS2xKSJXa6zzb6823st29IiQZ5fNmc558pJbk3MLiwHZJfW4RER_7gwL-DlFx7o1U3CSZ2u5HHFFPGsZRNSm1ELEP31z7r0rPa_rr5vCcNON51oaH4atSzT1iFmT5G4Qkc_P9WYZiob2z7RsGp9AZWrQtkLYysrY-QAH59pgXSeX1Qtz2SZ3C1ZThUdrWcgVZ8yPJFn&sai=AMfl-YQb0lSYq9aEg34-G7gwh7UKQciDLP0zsl3prJx0DA5hQz_wwYV7T1ZJInun-eJJ3MTx6TQ_a9BCiNOdxncPz0TqEzZnoYPGydzA8mWD7daLvNuS9boU5MFSwUJac7C4zJ47QU8yoFF53EoswtQi&sig=Cg0ArKJSzCp_Ks96Zn0JEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 84326675B08D16D7577DF9A1E88A88CD
Requests: 2 HTTP requests in this frame

Frame: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6A85FD2E614F97886F0E8D5106C43AF6
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs
Frame ID: D16AF7F3700AA91EE0DC6E9271654598
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 7EED00ACFE1F6199BB5C515D53387734
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 26AFA876B51B5EE16F851D566131E085
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2BBD62E8F87CF60692FF44D193B7457E
Requests: 9 HTTP requests in this frame

Frame: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5C1B2D20ECEF6851EA61FDB3F56398CC
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html
Frame ID: A47AA1FB499B5E9E2F9A2BBB9A482C9D
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E6E2C3BA375677EC5E64067136920067
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Frame ID: 88423F69E0CA10EE15C6926CF3F38F53
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Frame ID: 2527E6E7806E2C7B5F5E0877274D18FA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

download instagram stories highlights, photos and videos online - imgsed.com

Page URL History Show full URLs

http://imgsed.com/ HTTP 301
https://imgsed.com/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

140
Requests

86 %
HTTPS

55 %
IPv6

36
Domains

50
Subdomains

37
IPs

8
Countries

1238 kB
Transfer

3421 kB
Size

31
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://sulvo.com/?utm_source=https://imgsed.com/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://imgsed.com/ HTTP 301
https://imgsed.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://oajs.openx.net/esp?url=https%3A%2F%2Fimgsed.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fimgsed.com%2F&rid=esp&cc=1

Request Chain 34

https://gum.criteo.com/sid/json?origin=publishertagids&domain=imgsed.com&sn=ChromeSyncframe&so=0&topUrl=imgsed.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=w8g653xtc2FCZDZBTTdSTFBTVy9oWTZwMWxweGpxcVpvWlZXZkMzZ3h3RUhyVWhCVUN6aTZhdzI2aDZ4RE1sTUxlR3F6RnRXNGJ1QUxtT2U1SFFpSUg1SHJodjkvaVg3L0hIWEtoaHY5MnVKV2FGSS9WUmd6YTM3UWZlU0t3cEFwVUY2dG9ZQUpIWFlZUXVWd2FCaG9ZRlBiSkM4N2JMSGVXY1pmZnpIQTlXTkcxVTd6azRRZloxQndDbEYzaEVYaU1yQUpGYWdqUnFQUXFtUGNrNVdFMURMMzQwTGFPcFFLY2JNSDZTbGUxS1ZZdDJTRUtTa2tOMzdQVHdxUUZjelk0QUZJV0c2UDRrd1BraTZhTjd3dlNrVXZzUT09fA&cppv=2

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 90

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGffRaAJFah3HK1uT_0Fa40&google_cver=1&google_push=AXcoOmSXgoTaryS303bKq0SxtBfeT8iNup-3z-ebHDVDIXjaMAv7BaZymhxmW75C13brCq6P8pYgScf_lJ3v91xwjFsFklGPXi8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSXgoTaryS303bKq0SxtBfeT8iNup-3z-ebHDVDIXjaMAv7BaZymhxmW75C13brCq6P8pYgScf_lJ3v91xwjFsFklGPXi8E

Request Chain 91

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPJ5wink5f0c4Or80WJHFCc&google_cver=1&google_push=AXcoOmSdLhtEC1EXBFZ7OnblhIySeW35ruQn1Y8-f1ut2cmlNzhDbTAXU9ZLEWe8CWDRmnjZYySYFUCM9b_RukMzjIsu88smUOgz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSdLhtEC1EXBFZ7OnblhIySeW35ruQn1Y8-f1ut2cmlNzhDbTAXU9ZLEWe8CWDRmnjZYySYFUCM9b_RukMzjIsu88smUOgz

Request Chain 92

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENtp42NmG8QkkMKkYd1RKhM&google_cver=1&google_push=AXcoOmRqy-IKyZsSGALAW6NDSB8U7Q2roZgDnWDSWkTxHs7-QbMvzMkbYjv44Cx-b3nrGyVpIsMYKN65gtMP5BypURBzBSjkziY4 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENtp42NmG8QkkMKkYd1RKhM&google_cver=1&google_push=AXcoOmRqy-IKyZsSGALAW6NDSB8U7Q2roZgDnWDSWkTxHs7-QbMvzMkbYjv44Cx-b3nrGyVpIsMYKN65gtMP5BypURBzBSjkziY4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI1OTg3OTM3NjMyOTc3NzkxNQ&google_push=AXcoOmRqy-IKyZsSGALAW6NDSB8U7Q2roZgDnWDSWkTxHs7-QbMvzMkbYjv44Cx-b3nrGyVpIsMYKN65gtMP5BypURBzBSjkziY4

Request Chain 93

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEO_AQAWcwjwM95QcR3o1sSE&google_cver=1&google_push=AXcoOmRxAvU5BCxrQjZsMRdH5QVsZ0mAtCernD0ZG5RI3G2zmabS_zrDu3u6zhhv8WemK0FS0JWHkZiPM6Gtcimla9sdtdyvuaQ HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEO_AQAWcwjwM95QcR3o1sSE&google_push=AXcoOmRxAvU5BCxrQjZsMRdH5QVsZ0mAtCernD0ZG5RI3G2zmabS_zrDu3u6zhhv8WemK0FS0JWHkZiPM6Gtcimla9sdtdyvuaQ&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRxAvU5BCxrQjZsMRdH5QVsZ0mAtCernD0ZG5RI3G2zmabS_zrDu3u6zhhv8WemK0FS0JWHkZiPM6Gtcimla9sdtdyvuaQ&google_hm=U01jNXNhRGJmbms3UzczLWdGZEY=

Request Chain 95

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEAOPGCsPnXkHQcdGlgi3Qs8&google_cver=1&google_push=AXcoOmT5tDOFhsw_BAXzAazHo23sSDi1QhLPMkKlNG2phPSlqHUAkuUwkRY0u-6lP5J95eqqx7AcCXBU0PJKMRxrA8Pamnt2H5A HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmT5tDOFhsw_BAXzAazHo23sSDi1QhLPMkKlNG2phPSlqHUAkuUwkRY0u-6lP5J95eqqx7AcCXBU0PJKMRxrA8Pamnt2H5A&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1698053155030 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b4506754-1098-4c51-805d-880009c005e7-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmT5tDOFhsw_BAXzAazHo23sSDi1QhLPMkKlNG2phPSlqHUAkuUwkRY0u-6lP5J95eqqx7AcCXBU0PJKMRxrA8Pamnt2H5A%26google_hm%3DA7RQZ1QQmExRgF2IAAnABec HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmT5tDOFhsw_BAXzAazHo23sSDi1QhLPMkKlNG2phPSlqHUAkuUwkRY0u-6lP5J95eqqx7AcCXBU0PJKMRxrA8Pamnt2H5A&google_hm=A7RQZ1QQmExRgF2IAAnABec

Request Chain 96

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESECRS9dAvG5M-NBDl-es6BBc&google_cver=1&google_push=AXcoOmT1GrkwmaZPaamPpF3Gc3Iby82bw1JecvBUHQZV5Bya-E_V-N2FWRVkcNuBF-_WStffuePADRUIQhNib-jKzDxrtjcLwQ-CtA HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESECRS9dAvG5M-NBDl-es6BBc&google_push=AXcoOmT1GrkwmaZPaamPpF3Gc3Iby82bw1JecvBUHQZV5Bya-E_V-N2FWRVkcNuBF-_WStffuePADRUIQhNib-jKzDxrtjcLwQ-CtA&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmT1GrkwmaZPaamPpF3Gc3Iby82bw1JecvBUHQZV5Bya-E_V-N2FWRVkcNuBF-_WStffuePADRUIQhNib-jKzDxrtjcLwQ-CtA&google_hm=R0lJeHBpRnYtVXJBWV9ubHdrU1c=

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGZmuEj0lYgJKpS6wv9uwco&google_cver=1&google_push=AXcoOmSLevvaqRvPvigeMnIA8zOe6zXxeFQ7zzkd_jLpZT5EfbtlqgeKZE2UP9vd7JPJXLhYPqODpbKi1PF3flnGLZy9UrPDrfM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSLevvaqRvPvigeMnIA8zOe6zXxeFQ7zzkd_jLpZT5EfbtlqgeKZE2UP9vd7JPJXLhYPqODpbKi1PF3flnGLZy9UrPDrfM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGZmuEj0lYgJKpS6wv9uwco&google_cver=1&google_push=AXcoOmSLevvaqRvPvigeMnIA8zOe6zXxeFQ7zzkd_jLpZT5EfbtlqgeKZE2UP9vd7JPJXLhYPqODpbKi1PF3flnGLZy9UrPDrfM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSLevvaqRvPvigeMnIA8zOe6zXxeFQ7zzkd_jLpZT5EfbtlqgeKZE2UP9vd7JPJXLhYPqODpbKi1PF3flnGLZy9UrPDrfM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 118

https://fksnk.com/cs/google?google_gid=CAESEM58XMjg27yuLRedIyEoy8I&google_cver=1&google_push=AXcoOmRZsjB-mvTtuAwd8sK4lk9XpkmK_pue1g-Y9QsguFd5Vo0CFERikG0ubUCdG0ESykPmSSSdQtcC66CC6uuy8Wa7-k7XHaFO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUQ1NkM4NzkyQTJGQzQ0Nw==

Request Chain 119

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFExBsZjsqcHVRiC0FfPQfA&google_cver=1&google_push=AXcoOmQ_Yp0nwxMGL-KlnQMyiGnLqPPgRNVIfJ3fts7BiG1OKxmBiM8Vs8E8EDroAUxEykwqfoWI_xw9VADnafWyrMzheXtBmVX1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_Yp0nwxMGL-KlnQMyiGnLqPPgRNVIfJ3fts7BiG1OKxmBiM8Vs8E8EDroAUxEykwqfoWI_xw9VADnafWyrMzheXtBmVX1&google_hm=eS1fRTN3a3U5RTJwSG1MWENGYzl6OW02dnhXeEhWYURkYn5B

Request Chain 121

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGJesABT73togaxt9QVzUQo&google_cver=1&google_push=AXcoOmQuEjwwW9clK5BU6c9gFhpkK8HZ0wzN7_N7E4BJRwSfe695MQDKzdhMHzJc4_XgIhKuPDh6asP-jTncwDaUMeSAiMckHIAo HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGJesABT73togaxt9QVzUQo&google_cver=1&google_push=AXcoOmQuEjwwW9clK5BU6c9gFhpkK8HZ0wzN7_N7E4BJRwSfe695MQDKzdhMHzJc4_XgIhKuPDh6asP-jTncwDaUMeSAiMckHIAo&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ga3Mtu3GSB6lBaMKjoCEfw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQuEjwwW9clK5BU6c9gFhpkK8HZ0wzN7_N7E4BJRwSfe695MQDKzdhMHzJc4_XgIhKuPDh6asP-jTncwDaUMeSAiMckHIAo

Request Chain 122

https://sync.inmobi.com/gob?google_gid=CAESEPO-PHtOsNMGbdCGJqKrmLU&google_cver=1&google_push=AXcoOmTGkrnArzWQK9glEdH2CDtOlUQTEgWJpX7ZpxZqhkOPs3hginwRNv-sIwGDg_fJcCvCX0cIxPp-EN-qjhKznt6NGbYzOJ5qqg HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTGkrnArzWQK9glEdH2CDtOlUQTEgWJpX7ZpxZqhkOPs3hginwRNv-sIwGDg_fJcCvCX0cIxPp-EN-qjhKznt6NGbYzOJ5qqg

Request Chain 123

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKTnjjbNOqqbE0JPku6f0Sg&google_cver=1&google_push=AXcoOmQzuAK4TUwIuCkKCXsP2XQ6-uqOSHLOLIKYh_G6jnVCMF1SfKmsB_Mr2_IiZGxYBO3rjXP6OWJqNjgoFO-inHxVceRdRlt0WQ HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEKTnjjbNOqqbE0JPku6f0Sg%26google_cver%3D1%26google_push%3DAXcoOmQzuAK4TUwIuCkKCXsP2XQ6-uqOSHLOLIKYh_G6jnVCMF1SfKmsB_Mr2_IiZGxYBO3rjXP6OWJqNjgoFO-inHxVceRdRlt0WQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDcxNDU3Nzc3ODM5NDQyOTU5MA%3D%3D&google_gid=CAESEKTnjjbNOqqbE0JPku6f0Sg&google_cver=1&google_push=AXcoOmQzuAK4TUwIuCkKCXsP2XQ6-uqOSHLOLIKYh_G6jnVCMF1SfKmsB_Mr2_IiZGxYBO3rjXP6OWJqNjgoFO-inHxVceRdRlt0WQ

Request Chain 128

https://securepubads.g.doubleclick.net/pagead/adview?ai=C57VnIjw2Ze2XFYyV9u8P5bG06ASB8P2fc57prIzbEfOOsMXfPxABIJWbyiFglZqigrAHoAHw3e70A8gBCakC0I9ASjzGsT7gAgCoAwHIA0iqBKoCT9BwcOKYqbXUTI9otDerQM6b-Hqba6TdUQFBEHTao5mzACbXrSEZG4mziwSgWbgHSmI6QlaexWOy-Ydaw6od8sQqIZYkk6i_t5mPVC4Dd27ia0tzmExxt8mPNBL-6LYKXjFsC4729moGjYUByaSqC8-0VVP14VPDpE975aXAPgHdr1UVV6jde_6eeMle-9VYNQhjz3MOZ_nEj5v9XkToAhg0Zu97MfXUzsxraumL2pdVLm0FzeIDRNtHOWiwLCoKO0KHre2Oh5rqkYkWMjZiHK8kn9D4C1qpAFfEE5_hSyX4DRMhmHSa0aBsjueXwIueHusyKPQHxViTiekz3oz3_QS3H-jh-M-qSQtW8XbBBM-6k0ugEJVrLT_nKubaH21bkKap45yVc170YMAE8tSysLkE4AQBiAWOqsu9TKAGLoAHpIjY3wGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDcjwfSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgl-aHR0cHM6Ly90b2dnby5kZS9ha3Rpb24vdmVycnVlY2t0LWlzdC1ub3JtYWwtbXdkNDY_Y2lkPTFfMDAwMjY3OCZhdWRpZW5jZT10b2dnbyZzX2t3Y2lkPUFMITk2MDkhMyE2NzQ2ODY5MzQyODIhIWltZ3NlZC5jb20hZCEhgAoDyAsB4g0TCM7dyvjsi4IDFYyK_Qcd5RgNTdgTA4gUAdAVAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=NxMmVNefTjk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNzbptLg2XLhjHvYw3V8-2dTqbLRgKEjxWuXh4zgAIM4MG0MMZfmBGmgVi65yat3p3nKOawWXsCBgB&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213396364513815175427%22,%22debug_reporting%22:true,%22destination%22:%22https://toggo.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221050390256%22],%224%22:[%2210-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217029214989977823345%22}&andc=true

140 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
imgsed.com/
Redirect Chain

http://imgsed.com/
https://imgsed.com/

2 KB
1 KB

62ms
25ms

Document
text/html

2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a766ef9c7ab716c773e4d54b22c695de624e4c2d9ae1f3ea813fbc388680c92

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 185
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=10800, immutable
cf-cache-status: HIT
cf-ray: 81a8ef6cf92e91fb-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 23 Oct 2023 09:25:52 GMT
last-modified: Mon, 23 Oct 2023 08:15:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPsQg7yniIJwrJWiiaNXn8NdjERiuotJ%2BR6egzft7ZAlaBwlASQchg0uk8Xi1BC%2BAXnDOLyvQGYM9qmDD%2BD4Wi9m5JtnFKf1zuXbJ1J2NmbMQSyOzCcEskP30j0nVaJsKDrlg7op9wI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache-status: MISS

Redirect headers

CF-RAY: 81a8ef6c9f003a44-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 23 Oct 2023 09:25:52 GMT
Expires: Mon, 23 Oct 2023 10:25:52 GMT
Location: https://imgsed.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1fKD2hvDlx7nX2YF8eDwTEZNkSXmmkabecZWW8bjNxapOylCz55mdygOy969nh8Ev%2FztR3s7zmokrM36AzLr%2FbxoJZKXWY7Jq0puQD3ZjGJWeB%2BHdlRV8snCXAQ84CYvuTlLG1BSWs%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 558ms
518ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1238d5a02bc822bd680fd7d2d0fa4fbdf3d7443423982fb2b5f56fa37a51170d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01HD4CP4S6RDT94YR3S4B7D0T8
date: Mon, 23 Oct 2023 09:25:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 887
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"3419363b51a9e9c7d7a3140a2b073098-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 81a8ef6d68335d8d-FRA
link: <https://live.demand.supply/impl.v17.16.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/aW1nc2VkLmNvbS8=>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 art.css
s1.imgsed.com/css/ 36 KB
7 KB 35ms
25ms Stylesheet
text/css 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.imgsed.com/css/art.css?v67
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9552e29bf8bf3d8a139038ee3942e2171e7991b59219a96bf56cd07def6d9c91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 21 Oct 2023 12:06:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 162996
etag: W/"6533beae-90a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BcjeEa3thdiVdltpzax12fPDvYTCkNv%2BRC3LmQIb8yc4Q3qxCy9%2FW%2FqHybmnI0GK80fVNlknj%2F0VZLqM5424gjJN0Nl1Yb2RLvkkxucH6fUVr9Eai1z8Qe65mB4mJ0V1t%2FkO1V1h90lYEc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 81a8ef6d396291fb-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 20 Nov 2023 12:09:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 110ms
33ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b06b29b115ed854d6852bcfb728ce679e9c8347bb34be7f633605847844b5d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92876
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 23 Oct 2023 09:25:52 GMT

GET
H2 200 art.js Show response
s1.imgsed.com/js/ 7 KB
3 KB 28ms
18ms Script
application/javascript 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.imgsed.com/js/art.js?v67
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13deeb1d584e1c2d3c1e3cc383c786ba94c9451f96523c68cece52973e359b40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Sep 2023 01:23:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 162996
etag: W/"65123288-1d4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAwP3jJvOSUafcjBj1N0wfwUeMT1YvG6ljHhnkHvd%2BPxwTYgDcf5Qd%2FMUA6nl4W6oXDn6TGvHRl9%2FV%2FwREm5uUQ%2BKGp7HisFfJ2ethqX36tEi4m9P0d0xeG83Nu9qoIjO4LbsiKDkJsNDuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 81a8ef6d396491fb-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 20 Nov 2023 12:09:06 GMT

GET
H2 200 search1.png
s1.imgsed.com/img/ 332 B
771 B 32ms
31ms Image
image/webp 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.imgsed.com/img/search1.png
Requested by: Host: s1.imgsed.com
URL: https://s1.imgsed.com/css/art.css?v67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22c15261262c5e2f2a66b8f7569c0dd504f21a19e0c7c98a5144c2278c72c666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s1.imgsed.com/css/art.css?v67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2192298
cf-polished: origFmt=png, origSize=828
content-disposition: inline; filename="search1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 332
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Dec 2022 12:10:31 GMT
server: cloudflare
etag: "63ac3237-33c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dm2ie8E19puuJett02%2FiD%2B2rVtFaM7K4Dr1SjgNSeQzkBS7uCHeeAUiJjMf4GnFzk10LSrAbPkCEdgXmxnV0soTJzsFDLrq0jjKrMsFO7ehpW2Ti8iCVtd5UFZhWV5YXmKx1ukNbdy%2FLcM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 81a8ef6d699d91fb-FRA
expires: Sat, 28 Oct 2023 00:27:10 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 58ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GC2VPDBYKB&gtm=45je3ai0&_p=1144489870&cid=2036576179.1698053153&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698053153&sct=1&seg=0&dl=https%3A%2F%2Fimgsed.com%2F&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20imgsed.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.v17.16.0.js Show response
live.demand.supply/ 83 KB
27 KB 120ms
119ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.16.0.js
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 254ed2440d3fe989e8e3e2f2a892760cd72ec637fffa6a2955e2c95895c0feef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01HD4BW6RR1C14CQZDABBY9F47
date: Mon, 23 Oct 2023 09:25:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 320652
cf-polished: origSize=84854
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"2ee107da8e651075e55d02eba7479e77-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 81a8ef70ab835d8d-FRA

GET
H2 200 aW1nc2VkLmNvbS8= Show response
live.demand.supply/p4/v17-10-0/ 2 KB
889 B 246ms
245ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/aW1nc2VkLmNvbS8=
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2942d68833d12cef344d33372d07bcd4c0c4158cec250cbc118f1517cf9cfcfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:53 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 81a8ef70ab875d8d-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
519 B 45ms
33ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=558&cs=c&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01HBYK2MGA6TWC1FYJDNHTYWTT
date: Mon, 23 Oct 2023 09:25:53 GMT
cf-cache-status: HIT
age: 1312074
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81a8ef70be495d50-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 165ms
115ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1237c882a38059a513cc0c95d0bb8a0063d67d277e1f06d468cac52997cf5159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29545
x-xss-protection: 0
server: cafe
etag: 350 / 19653 / 31079033 / config-hash: 4808689989001815818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 09:25:53 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
584 B 62ms
51ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01HBYK9S2WSJFYK6F0ANJBM1ZZ
date: Mon, 23 Oct 2023 09:25:53 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1232142
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 81a8ef70be475d50-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 imgsed.com_fluid_sq_index Show response
live.demand.supply/cp/ 27 B
369 B 266ms
266ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/imgsed.com_fluid_sq_index?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a72ad910926c1b0b3c2e4dc626acfcc072a73c952d57720805b568b570b5506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 81a8ef717ef95d50-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ 422 KB
132 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 12:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74946
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135316
x-xss-protection: 0
server: cafe
etag: 9779678222609117831
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 21 Oct 2024 12:36:47 GMT

GET
H3 200 imgsed.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
373 B 262ms
262ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/imgsed.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2742b4678cbe6514356bf3709ac6ccf8592ae04082d8f1bc4c2be5897cad1013

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 81a8ef723f965d50-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 131ms
130ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01HBYK2MGA6TWC1FYJDNHTYWTT
date: Mon, 23 Oct 2023 09:25:53 GMT
cf-cache-status: HIT
age: 1312074
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81a8ef725fb35d50-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 139 KB
30 KB 96ms
26ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfea5e5db4c526a9c86debd0154807b4eaddf36281a55cb3f622e441e5054dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Oct 2023 11:34:12 GMT
server: cloudflare
x-amz-request-id: N30EE8SXKD2NYV61
age: 576
etag: W/"e5bbc80dac7ff8597f5b639831f48d87"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 81a8ef72fe863808-FRA
x-amz-id-2: nvJMdWMmFvbVKJS666WVD5o1lneAPsALOauKp7U3eRTp6+JkbBUZK2/c6BU5BX15VShJEHkxxjd820Gnp6PnGg==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 59ms
38ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11050
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUUnQQJ2YZQR3OP%2BiVh87CZL7fF1xzec06Ht2GEDeAONjZRvHn%2By5hPrcnpL%2BM3l1FxvFV27TtWF%2FxvZ081W935N%2BoblQD30tX7Uwo2gTuezETesZn6euNmxP0JS2H0egmGOwmRjNZEfL%2FaKrWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81a8ef72a9089a41-FRA

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 98ms
16ms Script
application/javascript 2600:9000:223c:b400:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:b400:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:17:48 GMT
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: FRA56-P2
age: 486
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: Y62PHL3XK7mIZwoe7u285X_ULh1ch8vr44zgNcju0bPxZrTs22umRQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 80ms
37ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 11 Oct 2023 08:53:04 GMT
server: nginx
etag: W/"65266270-a892"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 24 Oct 2023 09:25:53 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 14 KB
5 KB 101ms
31ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 17:20:48 GMT
server: cloudflare
age: 574273
etag: W/"650886f0-39ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 81a8ef72fea34db1-FRA
expires: Thu, 26 Oct 2023 09:25:53 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 85ms
26ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 04:08:06 GMT
content-encoding: gzip
age: 2265467
x-guploader-uploadid: ADPycdvbRy62debeuap5d2X_nL0IA_diTxUlLVjzCe57950pX-t7YrXJ8wYXRaQQII6P20H4VGYSQ4HjVG7QKouB4behPw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 26 Sep 2024 04:08:06 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 89ms
31ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:53 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: bf17047edac5ff2bf23b393d2d01102d
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 70ms
23ms Script
text/javascript 2600:9000:2250:e000:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e000:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Mon, 23 Oct 2023 06:40:14 GMT
Via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 9940
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: 5Y09fI5gytF1BgVYDvRre10cjwVppFaYkZyEMufwCASTmvwcOBpoWw==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 73ms
25ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 02:45:52 GMT
content-encoding: gzip
via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 24002
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: CCShQcupju5MRjdoNesxlNXuGLVNFU62odk4iVAfTCo1-3UBWZkchA==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
727 B 352ms
352ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4402841671155951&correlator=570807697922486&eid=31079033&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C5b1fcc9a-8fd7-4f9e-af23-7e840d87b75d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698053153670&lmt=1698041706&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fimgsed.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2036576179.1698053153&ga_sid=1698053154&ga_hid=1144489870&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRiBx-vetTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiCx-vetTFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGILH6961MUgAUgIIZBIZCgpwdWJjaWQub3JnGIHH6961MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiBx-vetTFIAFICCGQSFwoIcnRiaG91c2UYgsfr3rUxSABSAghkEhQKBW9wZW54GILH6961MUgAUgIIZBIZCgp1aWRhcGkuY29tGILH6961MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ygcfr3rUxSABSAghk&dlt=1698053152817&idt=822&prev_scp=ti%3D85b91bfd-8e8a-491d-b700-77639cf1231c%26interstitials-bid%3D6%26bid-p%3Dgoogle%26bsc%3D68&adks=3557535414&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2c787218aacea4481c61990ecb4bfae42a0dbef1d302760d00e6935c134ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 696
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D2F7 6 KB
3 KB 140ms
24ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 09:25:53 GMT
expires: Tue, 22 Oct 2024 09:25:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ 39 KB
13 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_page_level_ads.js?cb=31079033

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0814ceb83311ca54fa848a9a31915d46a05013536d38aa50abebb7cf223edf57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 12:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74880
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13704
x-xss-protection: 0
server: cafe
etag: 12852200075146428686
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 21 Oct 2024 12:37:53 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
330 B 133ms
39ms XHR
application/json 52.48.43.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 9520ab24cf8816d89cb263b472d2a986c30d42850d092d568ede49c692e867a4

Request headers

Referer: https://imgsed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:53 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://imgsed.com
cache-control: no-cache
x-server: 10.45.30.11
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7B46 15 KB
6 KB 58ms
20ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=imgsed.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 09:25:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 337881
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 127ms
127ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_fluid_sq_index&pdc=0.35125732421875&ucv=null&e=tcp&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01HBYK2MGA6TWC1FYJDNHTYWTT
date: Mon, 23 Oct 2023 09:25:53 GMT
cf-cache-status: HIT
age: 1312074
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81a8ef7338845d50-FRA

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fimgsed.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fimgsed.com%2F&rid=esp&cc=1

85 B
203 B

128ms
127ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fimgsed.com%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: cc5eb56d0487ad956ef9dccb9620c28b8cf1d34e56873371a333bbbb3cc4c547

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:54 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-PB0C5d0zVH+KIwM7mAxmiULQSU4"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://imgsed.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 23 Oct 2023 09:25:53 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://imgsed.com
location: /esp?url=https%3A%2F%2Fimgsed.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
226 B 82ms
20ms XHR
text/plain 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://imgsed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://imgsed.com
date: Mon, 23 Oct 2023 09:25:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58813/ 2 B
208 B 85ms
12ms XHR
application/json 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fimgsed.com%2F

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:53 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://imgsed.com
content-type: application/json
access-control-allow-credentials: true

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 405ms
405ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4402841671155951&correlator=3202501701830847&eid=31079033&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C9e1762e5-f19c-4938-8d9d-60bcfa7404f5&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=500x280%7C480x320&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698053153824&lmt=1698041706&adxs=550&adys=298&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fimgsed.com%2F&vis=1&psz=500x296&msz=500x296&fws=0&ohw=0&ga_vid=2036576179.1698053153&ga_sid=1698053154&ga_hid=1144489870&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRiZyOvetTFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBiCx-vetTFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGILH6961MUgAUgIIZBIZCgpwdWJjaWQub3JnGM_H6961MUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiBx-vetTFIAFICCGQSFwoIcnRiaG91c2UYhsjr3rUxSABSAghqEhQKBW9wZW54GILH6961MUgAUgIIZBIZCgp1aWRhcGkuY29tGILH6961MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ygcfr3rUxSABSAghk&dlt=1698053152817&idt=822&prev_scp=ti%3D85b91bfd-8e8a-491d-b700-77639cf1231c%26chrand%3Dy%26pof%3D0%26bid%3D0.19%26bid-p%3Dgoogle%26bsc%3D68&adks=3650863032&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a3d588c4db4d100f0dc0d963d665edcf48f7e37ef09f06f636f86c1bb4eed56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12415
x-xss-protection: 0
google-lineitem-id: 5564063189
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7B46
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=imgsed.com&sn=ChromeSyncframe&so=0&topUrl=imgsed.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=w8g653xtc2FCZDZBTTdSTFBTVy9oWTZwMWxweGpxcVpvWlZXZkMzZ3h3RUhyVWhCVUN6aTZhdzI2aDZ4RE1sTUxlR3F6RnRXNGJ1QUxtT2U1SFFpSUg1SHJodjkvaVg3L0hIWEtoaHY5MnVKV2FGSS9WUmd6YTM3UWZlU0...

433 B
655 B

21ms
17ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=w8g653xtc2FCZDZBTTdSTFBTVy9oWTZwMWxweGpxcVpvWlZXZkMzZ3h3RUhyVWhCVUN6aTZhdzI2aDZ4RE1sTUxlR3F6RnRXNGJ1QUxtT2U1SFFpSUg1SHJodjkvaVg3L0hIWEtoaHY5MnVKV2FGSS9WUmd6YTM3UWZlU0t3cEFwVUY2dG9ZQUpIWFlZUXVWd2FCaG9ZRlBiSkM4N2JMSGVXY1pmZnpIQTlXTkcxVTd6azRRZloxQndDbEYzaEVYaU1yQUpGYWdqUnFQUXFtUGNrNVdFMURMMzQwTGFPcFFLY2JNSDZTbGUxS1ZZdDJTRUtTa2tOMzdQVHdxUUZjelk0QUZJV0c2UDRrd1BraTZhTjd3dlNrVXZzUT09fA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2319ebe543b8bf097ab4775e9f09810431df08f76bed879aa5a30948f9aa83d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1281694
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=w8g653xtc2FCZDZBTTdSTFBTVy9oWTZwMWxweGpxcVpvWlZXZkMzZ3h3RUhyVWhCVUN6aTZhdzI2aDZ4RE1sTUxlR3F6RnRXNGJ1QUxtT2U1SFFpSUg1SHJodjkvaVg3L0hIWEtoaHY5MnVKV2FGSS9WUmd6YTM3UWZlU0t3cEFwVUY2dG9ZQUpIWFlZUXVWd2FCaG9ZRlBiSkM4N2JMSGVXY1pmZnpIQTlXTkcxVTd6azRRZloxQndDbEYzaEVYaU1yQUpGYWdqUnFQUXFtUGNrNVdFMURMMzQwTGFPcFFLY2JNSDZTbGUxS1ZZdDJTRUtTa2tOMzdQVHdxUUZjelk0QUZJV0c2UDRrd1BraTZhTjd3dlNrVXZzUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 295563
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 108ms
69ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310190101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06ad5e00e1d76caca9003eb34ffd42e84503751ccc57e1faac2b75eff537ec5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12162
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 34ms
33ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_728x90_sticky_display_bottom&pdc=0.18492794036865234&ucv=null&e=tcp&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01HBYK2MGA6TWC1FYJDNHTYWTT
date: Mon, 23 Oct 2023 09:25:53 GMT
cf-cache-status: HIT
age: 1312074
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81a8ef73f92f5d50-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 120ms
116ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01H95R0W3H9SMVPKTQMTQBKKQX
date: Mon, 23 Oct 2023 09:25:54 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2086611
etag: W/"ca59855b4714df36e4972d3d4157366d-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 81a8ef73ec38364e-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
479 B 48ms
48ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=imgsed.com_auto_728x90_sticky_display_bottom&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01HBYK2MWHZCAH582Z2GR9DHA8
date: Mon, 23 Oct 2023 09:25:53 GMT
cf-cache-status: HIT
age: 1312066
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81a8ef73f9305d50-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 344ms
343ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4402841671155951&correlator=1811759765060867&eid=31079033&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C840219cb-19cc-4356-9a61-e5772cde584b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698053153903&lmt=1698041706&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fimgsed.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=2036576179.1698053153&ga_sid=1698053154&ga_hid=1144489870&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRiZyOvetTFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBiCx-vetTFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGILH6961MUgAUgIIZBIZCgpwdWJjaWQub3JnGM_H6961MUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiBx-vetTFIAFICCGQSFwoIcnRiaG91c2UYhsjr3rUxSABSAghqEhQKBW9wZW54GILH6961MUgAUgIIZBIZCgp1aWRhcGkuY29tGILH6961MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y6Mjr3rUxSABSAghq&dlt=1698053152817&idt=822&prev_scp=ti%3D85b91bfd-8e8a-491d-b700-77639cf1231c%26chrand%3Dy%26pof%3D0%26bid%3D0.11%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D68&adks=55489845&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7ba4c533cd86f18ad26a68304d31fb59592fc6315d4f2518361ca40d7594cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12417
x-xss-protection: 0
google-lineitem-id: 5562801801
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 68ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 Oct 2023 09:25:54 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 35ms
35ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&e=nai&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01HBYK2MGA6TWC1FYJDNHTYWTT
date: Mon, 23 Oct 2023 09:25:54 GMT
cf-cache-status: HIT
age: 1312075
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81a8ef74ca095d50-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 19ms
19ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01HBYK2MGA6TWC1FYJDNHTYWTT
date: Mon, 23 Oct 2023 09:25:54 GMT
cf-cache-status: HIT
age: 1312075
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81a8ef74ca0c5d50-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 183 KB
51 KB 384ms
384ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4402841671155951&correlator=2901848554959546&eid=31079033&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2Ccd5f0bdc-b9a1-47ac-a657-60582e930ab9&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Dc638af88a9783ded%3AT%3D1698053153%3ART%3D1698053153%3AS%3DALNI_MZdFuZ6XdS9ZVX6EXJwQbI5Tu2-yQ&gpic=UID%3D00000ca0452aaab8%3AT%3D1698053153%3ART%3D1698053153%3AS%3DALNI_MYicepc5L8xkTtuTlHtSQq1DhemLw&abxe=1&dt=1698053154048&lmt=1698041706&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fimgsed.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2036576179.1698053153&ga_sid=1698053154&ga_hid=1144489870&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYgsfr3rUxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiCx-vetTFIAFICCGQSGQoKcHViY2lkLm9yZxjPx-vetTFIAFICCGoSGAoJeWFob28uY29tGJnI6961MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiBx-vetTFIAFICCGQSFwoIcnRiaG91c2UYhsjr3rUxSABSAghqEhQKBW9wZW54GILH6961MUgAUgIIZBIZCgp1aWRhcGkuY29tGILH6961MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y6Mjr3rUxSABSAghq&dlt=1698053152817&idt=822&prev_scp=ti%3D85b91bfd-8e8a-491d-b700-77639cf1231c%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D68&adks=1021207636&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d4dc02a22934f04188b6c636c4658117fb11445e2de7e22e93f66229f00690e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52658
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2F12 13 KB
5 KB 26ms
24ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 134418
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 20:05:36 GMT
expires: Sun, 20 Oct 2024 20:05:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 26D2 829 B
1 KB 98ms
47ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d5cbb541bfd8b131b5896efb0d0f238fd722753ae36b2920df7eedf60e793f24

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iK0ZwX0OR2PU0XdxPIcq9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-iK0ZwX0OR2PU0XdxPIcq9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 09:25:54 GMT
expires: Mon, 23 Oct 2023 09:25:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame F5B5 0
176 B 100ms
37ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 23 Oct 2023 09:25:54 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F12 37 KB
14 KB 90ms
27ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14703
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Oct 2024 09:03:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 26D2 0
0 51ms
51ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310190101&jk=4402841671155951&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET view
securepubads.g.doubleclick.net/pcs/ Frame 3B35 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B35 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
12 KB 304ms
304ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4402841671155951&correlator=3437709311514656&eid=31079033&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2Cc25b97ad-5898-416a-bd5e-9288e4cddf95&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=500x280%7C480x320&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D761c6783cbd0aba8%3AT%3D1698053153%3ART%3D1698053153%3AS%3DALNI_MYI_o40fa8qD0IDXN-2DabzFKskwQ&gpic=UID%3D00000ca045130b13%3AT%3D1698053153%3ART%3D1698053153%3AS%3DALNI_MaTwBgN-jCaXRl-HY9aQW0O2fi1VQ&abxe=1&dt=1698053154271&lmt=1698041706&adxs=550&adys=298&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fimgsed.com%2F&vis=1&psz=500x296&msz=500x296&fws=0&ohw=0&ga_vid=2036576179.1698053153&ga_sid=1698053154&ga_hid=1144489870&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYgsfr3rUxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiCx-vetTFIAFICCGQSGQoKcHViY2lkLm9yZxjPx-vetTFIAFICCGoSGAoJeWFob28uY29tGJnI6961MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiBx-vetTFIAFICCGQSFwoIcnRiaG91c2UYhsjr3rUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaWVuTnVTVWw0YW5oUk4wTlpUV0Z4VFVwNU5GTTBkejA5SW4wPRityuvetTFIABIZCgp1aWRhcGkuY29tGILH6961MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y6Mjr3rUxSABSAghq&dlt=1698053152817&idt=822&prev_scp=ti%3D85b91bfd-8e8a-491d-b700-77639cf1231c%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D68&adks=4228963507&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cd902fd8f4f98a895c83234de57cce57aca9397c65c7f8dd267411056a1058d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11990
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame 8432 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8432 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 129 KB
44 KB 444ms
444ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4402841671155951&correlator=3890569153576265&eid=31079033&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=44890869%3A22559584041%2Cca-pub-3831894559014614-tag%2C9c715473-72c6-4bfa-b856-e77f61af6bdc&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Decda95a946f9b41b%3AT%3D1698053153%3ART%3D1698053153%3AS%3DALNI_MZzsFJWRFBJI-oL83d9hRjQvmlz-A&gpic=UID%3D00000ca04436f496%3AT%3D1698053153%3ART%3D1698053153%3AS%3DALNI_MYUZnraMhxWBfo4Mk5snlOQ57VOLg&abxe=1&dt=1698053154290&lmt=1698041706&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fimgsed.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=2036576179.1698053153&ga_sid=1698053154&ga_hid=1144489870&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYgsfr3rUxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiCx-vetTFIAFICCGQSGQoKcHViY2lkLm9yZxjPx-vetTFIAFICCGoSGAoJeWFob28uY29tGJnI6961MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiBx-vetTFIAFICCGQSFwoIcnRiaG91c2UYhsjr3rUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaWVuTnVTVWw0YW5oUk4wTlpUV0Z4VFVwNU5GTTBkejA5SW4wPRityuvetTFIABIZCgp1aWRhcGkuY29tGILH6961MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y6Mjr3rUxSABSAghq&dlt=1698053152817&idt=822&prev_scp=ti%3D85b91bfd-8e8a-491d-b700-77639cf1231c%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D68&adks=806473613&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

632eb24dd7829ee00477cf17df51b7edf55b1cda72e35a7e379d74fb6fc22984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45085
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2F12 0
10 B 25ms
25ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FjsQxg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6A85 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 09:25:53 GMT
expires: Tue, 22 Oct 2024 09:25:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
483 B 54ms
54ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=1.59&b=2&r=imgsed.com_auto_interstitial_desktop&sy=5a35ebff-1791-4f6f-b75a-f1023c7b2f59&ts=68&cd=2&pud=558&pus=c&pue=680&pid=123&pis=c&pie=804&ppd=247&pps=a&ppe=927&pcl=169&ttc=932&tti=1935&ttif=0&lca=927&lcak=ppe&lct=927&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imgsed.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=85b91bfd-8e8a-491d-b700-77639cf1231c&e=lm&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01HBYK2MGA6TWC1FYJDNHTYWTT
date: Mon, 23 Oct 2023 09:25:54 GMT
cf-cache-status: HIT
age: 1312075
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81a8ef787dee5d50-FRA

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310061803000/ Frame D16A 196 KB
56 KB 75ms
28ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34104800b8b7644a2d64c2816157a532e0be6adf06925aa572afdeab8992fe2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 23 Oct 2023 07:37:26 GMT
age: 6508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56106
x-xss-protection: 0
server: sffe
etag: "6471d1057e0de0bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Oct 2024 07:37:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame D16A 15 KB
5 KB 120ms
74ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a7eeeb8d2863980375bd8e690639e5d3826305376ac7aa3988c65778b860852

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 23 Oct 2023 07:37:26 GMT
age: 6508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5216
x-xss-protection: 0
server: sffe
etag: "c5e6042816070d0a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Oct 2024 07:37:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame D16A 95 KB
28 KB 100ms
54ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21ceb851783799cb96a8875271866118c846e43e44567a2aee4d8a8b3a5ae68

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 23 Oct 2023 07:37:30 GMT
age: 6504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29020
x-xss-protection: 0
server: sffe
etag: "9aef0fcfd5306f20"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Oct 2024 07:37:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame D16A 5 KB
2 KB 121ms
75ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c8432058aae2047bf8e033cf675c25cbc7f476af9d719b0ff19962237b523f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 23 Oct 2023 07:37:27 GMT
age: 6507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1918
x-xss-protection: 0
server: sffe
etag: "d9a3fbf21fc2b678"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Oct 2024 07:37:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame D16A 40 KB
13 KB 113ms
67ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c60c296b3472130b7ace33547b38bc4f2107658891ad3fa6d39b181eab916cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 23 Oct 2023 07:37:26 GMT
age: 6508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "16aa7f89b2c84c04"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Oct 2024 07:37:26 GMT

GET
DATA 200
OK truncated
/ Frame D16A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75ecaae151c5e3aeb1067dc5b4f22984e935e14512f22e2d72bd2ec7863c4a51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 10224371204378845310
tpc.googlesyndication.com/daca_images/simgad/ Frame D16A 57 KB
57 KB 24ms
23ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10224371204378845310

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3e8b70a03b7a556d13790626e177655d2246879f94742dcd6a2c3ced4c7a937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 08:25:41 GMT
x-content-type-options: nosniff
age: 435613
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58713
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 23:32:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Oct 2024 08:25:41 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D16A 2 KB
2 KB 23ms
22ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 00:18:28 GMT
x-content-type-options: nosniff
server: cafe
age: 32846
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 24 Oct 2023 00:18:28 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D16A 295 B
319 B 22ms
21ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 65075
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 23 Oct 2023 15:21:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D16A 0
0 36ms
35ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6BNdJj_GNU3H84Kptb2EnSyLHNPltob1VqwoW9xDC5GqIOPqkbNwaMUpgRNghE8Lkrv2D1YfdVNUtg2aqKxIQtVF-2w
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 25ms
24ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_fluid_sq_index&pn=2&sn=3&pc=0.35125732421875&ds=true&e=wdp&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01HBYK2MGA6TWC1FYJDNHTYWTT
date: Mon, 23 Oct 2023 09:25:54 GMT
cf-cache-status: HIT
age: 1312075
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81a8ef78ae175d50-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 59ms
59ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=imgsed.com_fluid_sq_index&sy=5a35ebff-1791-4f6f-b75a-f1023c7b2f59&ts=68&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imgsed.com&mlre=undefined&mlin=0&mlsi=500x280&mlbw=4g&mlcs=NaN&mltp=85b91bfd-8e8a-491d-b700-77639cf1231c&e=lm&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01HBYK2MGA6TWC1FYJDNHTYWTT
date: Mon, 23 Oct 2023 09:25:54 GMT
cf-cache-status: HIT
age: 1312075
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81a8ef78ae195d50-FRA

GET
H2 200 css2
fonts.googleapis.com/ Frame 6A85 4 KB
1 KB 139ms
76ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Oct 2023 09:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 08:43:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Oct 2023 09:25:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7EED 14 KB
1 KB 118ms
76ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Oct 2023 09:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 08:07:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Oct 2023 09:25:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 7EED 2 KB
825 B 15ms
15ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:01:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 7EED 23 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:01:30 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 26AF 143 B
382 B 102ms
61ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 09:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 7EED 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:01:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2BBD 1 KB
643 B 19ms
18ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61437
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Oct 2023 16:21:57 GMT
etag: 48472445140208031
expires: Mon, 23 Oct 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 7EED 20 KB
8 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:01:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7EED 0
0 25ms
25ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYA4m-X9esxX6HdM3ppS89HwXS2TVLDULGGGIfhwNIu9GeIkF35dA-LYij4ebC2FVojpqJOTqdb9ukK1gI0qRBjjNJZA
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7EED 187 KB
59 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Oct 2023 09:25:54 GMT

GET
H2 200 b043ffb3bb2c6d533211f24c7a1dfd38.js Show response
www.gstatic.com/mysidia/ Frame 7EED 35 KB
15 KB 119ms
22ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b043ffb3bb2c6d533211f24c7a1dfd38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15030
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 17:40:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 Jan 2024 18:17:11 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 6A85 20 KB
8 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8598
x-xss-protection: 0
server: cafe
etag: 10300645532664441910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:06:42 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6A85 205 B
520 B 115ms
24ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 15:33:28 GMT
x-content-type-options: nosniff
age: 150746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 20 Oct 2024 15:33:28 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6A85 604 B
695 B 115ms
25ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 09:35:28 GMT
x-content-type-options: nosniff
age: 85826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 21 Oct 2024 09:35:28 GMT

GET
H3 200 container.html Show response
7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5C1B 6 KB
3 KB 68ms
66ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079033

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgsed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 09:25:53 GMT
expires: Tue, 22 Oct 2024 09:25:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 72ms
71ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=imgsed.com_auto_728x90_sticky_display_bottom&pn=2&sn=3&pc=0.18492794036865234&ds=true&e=wdp&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01HBYK2MGA6TWC1FYJDNHTYWTT
date: Mon, 23 Oct 2023 09:25:54 GMT
cf-cache-status: HIT
age: 1312075
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81a8ef7a1f755d50-FRA

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 75ms
75ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=imgsed.com_auto_728x90_sticky_display_bottom&sy=5a35ebff-1791-4f6f-b75a-f1023c7b2f59&ts=68&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=imgsed.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=85b91bfd-8e8a-491d-b700-77639cf1231c&e=lm&dsReferer=aW1nc2VkLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nf-request-id: 01HBYK2MGA6TWC1FYJDNHTYWTT
date: Mon, 23 Oct 2023 09:25:54 GMT
cf-cache-status: HIT
age: 1312075
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81a8ef7a1f795d50-FRA

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D16A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

67ms
67ms

Image
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: imgsed.com
URL: https://imgsed.com/
Protocol: H2
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Redirect headers

date: Mon, 23 Oct 2023 09:25:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2BBD
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGffRaAJFah3HK1uT_0Fa40&google_cver=1&google_push=AXcoOmSXgoTaryS303bKq0SxtBfeT8iNup-3z-ebHDVDIXjaMAv7BaZymhxmW75C13brCq6P8pYgS...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSXgoTaryS303bKq0SxtBfeT8iNup-3z-ebHDVDIXjaMAv7BaZymhxmW75C13brCq6P8pYgScf_lJ3v91xwjFsFklGPXi8E

170 B
232 B

34ms
34ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSXgoTaryS303bKq0SxtBfeT8iNup-3z-ebHDVDIXjaMAv7BaZymhxmW75C13brCq6P8pYgScf_lJ3v91xwjFsFklGPXi8E

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 23 Oct 2023 09:25:55 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D98DA35C3A374416A27279D291B28971 Ref B: VIEEDGE2713 Ref C: 2023-10-23T09:25:55Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSXgoTaryS303bKq0SxtBfeT8iNup-3z-ebHDVDIXjaMAv7BaZymhxmW75C13brCq6P8pYgScf_lJ3v91xwjFsFklGPXi8E
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYIXs8ezEvPD9XlFveKBQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2BBD
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPJ5wink5f0c4Or80WJHFCc&google_cver=1&google_push=AXcoOmSdLhtEC1EXBFZ7OnblhIySeW35ruQn1Y8-f1ut2cmlNzhDbTAXU9ZLEWe8CWDRmnjZYySYFUCM9b_...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSdLhtEC1EXBFZ7OnblhIySeW35ruQn1Y8-f1ut2cmlNzhDbTAXU9ZLEWe8CWDRmnjZYySYFUCM9b_RukMzjIsu88smUOgz

170 B
188 B

43ms
43ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSdLhtEC1EXBFZ7OnblhIySeW35ruQn1Y8-f1ut2cmlNzhDbTAXU9ZLEWe8CWDRmnjZYySYFUCM9b_RukMzjIsu88smUOgz

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSdLhtEC1EXBFZ7OnblhIySeW35ruQn1Y8-f1ut2cmlNzhDbTAXU9ZLEWe8CWDRmnjZYySYFUCM9b_RukMzjIsu88smUOgz
Date: Mon, 23 Oct 2023 09:25:56 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2BBD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENtp42NmG8QkkMKkYd1RKhM&google_cver=1&google_push=AXcoOmRqy-IKyZsSGALAW6NDSB8U7Q2roZgDnWDSWkTxHs7-QbMvzMkbYjv44Cx-b3nrGyVpIsMYKN65...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENtp42NmG8QkkMKkYd1RKhM&google_cver=1&google_push=AXcoOmRqy-IKyZsSGALAW6NDSB8U7Q2roZgDnWDSWkTxHs7-QbMvzMkbYjv44Cx-b3nrGyVpIsM...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI1OTg3OTM3NjMyOTc3NzkxNQ&google_push=AXcoOmRqy-IKyZsSGALAW6NDSB8U7Q2roZgDnWDSWkTxHs7-QbMvzMkbYjv44Cx-b3nrGyVpIsMYKN...

170 B
232 B

43ms
43ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI1OTg3OTM3NjMyOTc3NzkxNQ&google_push=AXcoOmRqy-IKyZsSGALAW6NDSB8U7Q2roZgDnWDSWkTxHs7-QbMvzMkbYjv44Cx-b3nrGyVpIsMYKN65gtMP5BypURBzBSjkziY4

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI1OTg3OTM3NjMyOTc3NzkxNQ&google_push=AXcoOmRqy-IKyZsSGALAW6NDSB8U7Q2roZgDnWDSWkTxHs7-QbMvzMkbYjv44Cx-b3nrGyVpIsMYKN65gtMP5BypURBzBSjkziY4
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2BBD
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEO_AQAWcwjwM95QcR3o1sSE&google_cver=1&google_push=AXcoOmRxAvU5BCxrQjZsMRdH5QVsZ0mAtCernD0ZG5RI3G2zmabS_zrDu3u6zhhv8WemK0FS0JWHkZiPM6Gtc...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEO_AQAWcwjwM95QcR3o1sSE&google_push=AXcoOmRxAvU5BCxrQjZsMRdH5QVsZ0mAtCernD0ZG5RI3G2zmabS_zrDu3u6zhhv8WemK0FS0JWHkZiPM6Gtc...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRxAvU5BCxrQjZsMRdH5QVsZ0mAtCernD0ZG5RI3G2zmabS_zrDu3u6zhhv8WemK0FS0JWHkZiPM6Gtcimla9sdtdyvuaQ&google_hm=U01jNXNhRGJmbms3UzczL...

170 B
188 B

46ms
46ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRxAvU5BCxrQjZsMRdH5QVsZ0mAtCernD0ZG5RI3G2zmabS_zrDu3u6zhhv8WemK0FS0JWHkZiPM6Gtcimla9sdtdyvuaQ&google_hm=U01jNXNhRGJmbms3UzczLWdGZEY=

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 Oct 2023 09:25:55 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRxAvU5BCxrQjZsMRdH5QVsZ0mAtCernD0ZG5RI3G2zmabS_zrDu3u6zhhv8WemK0FS0JWHkZiPM6Gtcimla9sdtdyvuaQ&google_hm=U01jNXNhRGJmbms3UzczLWdGZEY=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 235
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 us
sync.go.sonobi.com/ Frame 2BBD 0
401 B 331ms
101ms Image
text/plain 69.166.1.67
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmSivqFA6f79Or1Mynioxm3k9b-3MFuS5yZcSzFjXNbck6zJ7NWmwk_-XkFEzxj3vY0_6H4HdKkjl4NZLydCurhwLbRjbwk9%26google_hm%3D%5BUID%5D&google_gid=CAESECvzLnn08VOae42p9x4o5y0&google_cver=1

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:55 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-108
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2BBD
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmT5tDOFhsw_BAXzAazHo23sSDi1QhLPMkKlNG2phPSlqHUAkuUwkRY0u-6lP5J95eqqx7AcCXBU0PJKMRxrA8Pamnt2H5A&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-b4506754-1098-4c51-805d-880009c005e7-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmT5tDOFhsw_BAXzAazHo...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmT5tDOFhsw_BAXzAazHo23sSDi1QhLPMkKlNG2phPSlqHUAkuUwkRY0u-6lP5J95eqqx7AcCXBU0PJKMRxrA8Pamnt2H5A&google_hm=A7RQZ1QQmExRgF2IAAnABec

170 B
329 B

40ms
39ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmT5tDOFhsw_BAXzAazHo23sSDi1QhLPMkKlNG2phPSlqHUAkuUwkRY0u-6lP5J95eqqx7AcCXBU0PJKMRxrA8Pamnt2H5A&google_hm=A7RQZ1QQmExRgF2IAAnABec

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmT5tDOFhsw_BAXzAazHo23sSDi1QhLPMkKlNG2phPSlqHUAkuUwkRY0u-6lP5J95eqqx7AcCXBU0PJKMRxrA8Pamnt2H5A&google_hm=A7RQZ1QQmExRgF2IAAnABec
date: Mon, 23 Oct 2023 09:25:55 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb450675410984c51805d880009c005e7003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2BBD
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESECRS9dAvG5M-NBDl-es6BBc&google_cver=1&google_push=AXcoOmT1GrkwmaZPaamPpF3Gc3Iby82bw1JecvBUHQZV5Bya-E_V-N2FWRVkcNuBF-_WStffuePAD...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESECRS9dAvG5M-NBDl-es6BBc&google_push=AXcoOmT1GrkwmaZPaamPpF3Gc3Iby82bw1JecvBUHQZV5Bya-E_V-N2FWRVkcNuBF-_WStffuePAD...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmT1GrkwmaZPaamPpF3Gc3Iby82bw1JecvBUHQZV5Bya-E_V-N2FWRVkcNuBF-_WStffuePADRUIQhNib-jKzDxrtjcLwQ-CtA&google_hm=R0lJeHBpRnYtVX...

170 B
188 B

29ms
29ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmT1GrkwmaZPaamPpF3Gc3Iby82bw1JecvBUHQZV5Bya-E_V-N2FWRVkcNuBF-_WStffuePADRUIQhNib-jKzDxrtjcLwQ-CtA&google_hm=R0lJeHBpRnYtVXJBWV9ubHdrU1c=

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 Oct 2023 09:25:55 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmT1GrkwmaZPaamPpF3Gc3Iby82bw1JecvBUHQZV5Bya-E_V-N2FWRVkcNuBF-_WStffuePADRUIQhNib-jKzDxrtjcLwQ-CtA&google_hm=R0lJeHBpRnYtVXJBWV9ubHdrU1c=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 242
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2BBD 0
130 B 133ms
26ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jhb5e50bpX1NG-_bWCVsKOBftkE9QA54h5MewW0KjLdPdLSFE5II1RXqIur3UsB2ETyErM9Q

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 88cf7d8f92971695aa333eeba8ca195d.js Show response
www.gstatic.com/mysidia/ Frame 5C1B 9 KB
4 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3923
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 00:02:35 GMT

GET
H2 200 727b9631cb22194ad9b32fe88c037f0e.js Show response
www.gstatic.com/mysidia/ Frame 5C1B 35 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/727b9631cb22194ad9b32fe88c037f0e.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c208516b99fc74db1a33a95458e1b6b2d2733ef6763f9982f9c9b35681c3031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13982
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 00:02:34 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 5C1B 2 KB
825 B 19ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:01:30 GMT

GET
H2 200 599409a0d14eba93cd1987077bf1ceb1.js Show response
www.gstatic.com/mysidia/ Frame 5C1B 22 KB
9 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/599409a0d14eba93cd1987077bf1ceb1.js?tag=exit_2019

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae3ce16231e6b4c71c520c58cc1328c4c9eee058096415cccec79010b7979758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9443
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 00:02:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 5C1B 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:01:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 5C1B 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:01:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 5C1B 20 KB
8 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:01:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C1B 187 KB
59 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Oct 2023 09:25:55 GMT

GET
H3 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 5C1B 35 KB
14 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 08:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 08:58:58 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 26AF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

45ms
44ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 09:25:55 GMT
expires: Mon, 23 Oct 2023 09:25:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 09:25:55 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D16A 0
0 77ms
76ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmaJ9Ijw2ZaXTE-Kb9u8PjfSI-AzE-YyIc8XExc6tELCQHxABIJWbyiFglZqigrAHoAHX58vBA8gBAqkCAxUp8-bVST7gAgCoAwHIAwiqBKMCT9Beirn01sc3jhsw9SfRFmXeBiRtWEh6l-brlSWRJpQtm_799SWyN4MD27qjlJZlH6Foz3yB3y2kRvZbB0VYLP66yNpAvQXY9gyjpJhWSOVN-RbIgOk1IWBEhabv-g-qsuzkHFtpKl-kiIogmG_tmXDSy9rUPJmacVQLMfjeufkUlP4XZI7PDBM1qHAYX2m6ODTsXamibHPNtdAeTJVojp0s2ATzUe_bAAClHF8AAM-4krOsOxYf-jiZZ1u_2I4CKk869xVHbucr3MZOWTikdAZpf-XGM8tYMBoBbhj9LVUgHp9s6pbTlPqf4q2Pk9SNzV3lkXl-rK3sU7kgukRSL8-AeC0LKMLAirmg4Ej375aQb4ylxbSjmhP_mFOoRyUusgVdwATa_fKV2APgBAGIBaTGwL46kgUECAQYAZIFBAgFGASgBgKAB5GYtD6oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDQmBDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgnaAWh0dHBzOi8vd3d3LmR1cGxpY2F0ZXBob3Rvc2ZpeGVyLmNvbS9scC9kdXBsaWNhdGUtcGhvdG9zLWZpbmRlci8_dXRtX3NvdXJjZT1nb29nbGVhZHcmdXRtX2NhbXBhaWduPWRwZl9nYWRzX2Rpc3BfaW50X2ltZyZ1dG1fbWVkaXVtPWRwZl9nYWRzX2Rpc3BfaW50JnB4bD1kcGZfZ2Fkc19kaXNwX2ludCZ1dG1fYWRncm91cD1kdXBsaWNhdGVwaG90b3MmdXRtX2FkdHlwZT0zMDB4MjUwgAoDyAsB4g0TCMzVyfjsi4IDFeKN_QcdDToCz9gTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=xA9NAeL9zFw&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNDEXC0N_lgF_SlHU1FiHdF2jbfOywmoY5JG6h52xXBzQRskvtdQtOpm58r0tyz-CboEx2QIsCGAE&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 toggo_728x90.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/ Frame A47A 3 KB
1 KB 21ms
18ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/727b9631cb22194ad9b32fe88c037f0e.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce0361a97adae1b4e2cd0ba1b2ee98f3dd7bc5c9b5b1331c7859a4d64fde9dc5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 446524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1326
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 05:23:51 GMT
expires: Thu, 17 Oct 2024 05:23:51 GMT
last-modified: Wed, 20 Sep 2023 12:02:47 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E6E2 1 KB
643 B 22ms
20ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Oct 2023 16:21:57 GMT
etag: 48472445140208031
expires: Mon, 23 Oct 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5C1B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cde987f5337e880f4aa9520d7b3c341e91b0259a19008371fb4635554538c24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A47A 6 KB
3 KB 36ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 10:14:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 23 Oct 2023 10:14:58 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A47A 34 KB
13 KB 35ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 13:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:31:21 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ Frame A47A 82 KB
30 KB 91ms
17ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Oct 2024 18:09:03 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A47A 236 KB
63 KB 102ms
27ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 23 Oct 2023 09:25:55 GMT

GET
H3 200 toggo_728x90.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/ Frame A47A 25 KB
4 KB 35ms
31ms Script
application/x-javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd4a1efeb43f21e344b7d4701672ecb92081eaec6dc7179a2929ad187733c73d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Oct 2023 05:23:51 GMT
age: 446524
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 12:02:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Oct 2024 05:23:51 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame E6E2
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGZmuEj0lYgJKpS6wv9uwco&google_cver=1&google_push=AXcoOmSLevvaqRvPvigeMnIA8zOe6zXxeFQ7zzkd_jLpZT5EfbtlqgeKZE2UP9vd7JPJXLhYPqODpbKi1PF3flnGLZy9UrPDrfM&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGZmuEj0lYgJKpS6wv9uwco&google_cver=1&google_push=AXcoOmSLevvaqRvPvigeMnIA8zOe6zXxeFQ7zzkd_jLpZT5EfbtlqgeKZE2UP9vd7JPJXLhYPqODpbKi1PF3flnGLZy9UrPDrfM...

43 B
427 B

194ms
174ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGZmuEj0lYgJKpS6wv9uwco&google_cver=1&google_push=AXcoOmSLevvaqRvPvigeMnIA8zOe6zXxeFQ7zzkd_jLpZT5EfbtlqgeKZE2UP9vd7JPJXLhYPqODpbKi1PF3flnGLZy9UrPDrfM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSLevvaqRvPvigeMnIA8zOe6zXxeFQ7zzkd_jLpZT5EfbtlqgeKZE2UP9vd7JPJXLhYPqODpbKi1PF3flnGLZy9UrPDrfM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:55 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81a8ef7dbb1b65ae-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:55 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 711
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGZmuEj0lYgJKpS6wv9uwco&google_cver=1&google_push=AXcoOmSLevvaqRvPvigeMnIA8zOe6zXxeFQ7zzkd_jLpZT5EfbtlqgeKZE2UP9vd7JPJXLhYPqODpbKi1PF3flnGLZy9UrPDrfM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSLevvaqRvPvigeMnIA8zOe6zXxeFQ7zzkd_jLpZT5EfbtlqgeKZE2UP9vd7JPJXLhYPqODpbKi1PF3flnGLZy9UrPDrfM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81a8ef7c693d65ae-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E6E2
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEM58XMjg27yuLRedIyEoy8I&google_cver=1&google_push=AXcoOmRZsjB-mvTtuAwd8sK4lk9XpkmK_pue1g-Y9QsguFd5Vo0CFERikG0ubUCdG0ESykPmSSSdQtcC66CC6uuy8Wa7-k7XHaFO
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUQ1NkM4NzkyQTJGQzQ0Nw==

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUQ1NkM4NzkyQTJGQzQ0Nw==

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUQ1NkM4NzkyQTJGQzQ0Nw==
date: Mon, 23 Oct 2023 09:25:55 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E6E2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFExBsZjsqcHVRiC0FfPQfA&google_cver=1&google_push=AXcoOmQ_Yp0nwxMGL-KlnQMyiGnLqPPgRNVIfJ3fts7BiG1OKxmBiM8Vs8E8EDroAUxEykwqfoWI_xw9VADnafWyrMzheXt...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_Yp0nwxMGL-KlnQMyiGnLqPPgRNVIfJ3fts7BiG1OKxmBiM8Vs8E8EDroAUxEykwqfoWI_xw9VADnafWyrMzheXtBmVX1&google_hm=eS1fRTN3a3U5RTJwSG1MWE...

170 B
188 B

48ms
48ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_Yp0nwxMGL-KlnQMyiGnLqPPgRNVIfJ3fts7BiG1OKxmBiM8Vs8E8EDroAUxEykwqfoWI_xw9VADnafWyrMzheXtBmVX1&google_hm=eS1fRTN3a3U5RTJwSG1MWENGYzl6OW02dnhXeEhWYURkYn5B

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 23 Oct 2023 09:25:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_Yp0nwxMGL-KlnQMyiGnLqPPgRNVIfJ3fts7BiG1OKxmBiM8Vs8E8EDroAUxEykwqfoWI_xw9VADnafWyrMzheXtBmVX1&google_hm=eS1fRTN3a3U5RTJwSG1MWENGYzl6OW02dnhXeEhWYURkYn5B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame E6E2 43 B
245 B 93ms
35ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEH3yXHAma4WZ1rHhpOw8_Kg&google_cver=1&google_push=AXcoOmTu9vxS7--MAezadIBAq9u5OM7z-Ri36pFtCEOuNfv5iWfexGd9TfAuowMhwnWC6WXz81ww8nLwV9eAAZPtIJUih4M1pFsJ
Requested by: Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:55 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E6E2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ga3Mtu3GSB6lBaMKjoCEfw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ga3Mtu3GSB6lBaMKjoCEfw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQuEjwwW9clK5BU6c9gFhpkK8HZ0wzN7_N7E4BJRwSfe695MQDKzdhMHzJc4_XgIhKuPDh6asP-jTncwDaUMeSAiMckHIAo

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ga3Mtu3GSB6lBaMKjoCEfw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQuEjwwW9clK5BU6c9gFhpkK8HZ0wzN7_N7E4BJRwSfe695MQDKzdhMHzJc4_XgIhKuPDh6asP-jTncwDaUMeSAiMckHIAo
date: Mon, 23 Oct 2023 09:25:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

0.gif
id5-sync.com/i/495/ Frame E6E2
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEPO-PHtOsNMGbdCGJqKrmLU&google_cver=1&google_push=AXcoOmTGkrnArzWQK9glEdH2CDtOlUQTEgWJpX7ZpxZqhkOPs3hginwRNv-sIwGDg_fJcCvCX0cIxPp-EN-qjhKznt6NGbYzOJ5qqg
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTGkrnArzWQK9glEdH2CDtOlUQTEgWJpX7ZpxZqhkOP...

43 B
921 B

57ms
19ms

Image
image/gif

141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTGkrnArzWQK9glEdH2CDtOlUQTEgWJpX7ZpxZqhkOPs3hginwRNv-sIwGDg_fJcCvCX0cIxPp-EN-qjhKznt6NGbYzOJ5qqg

Protocol

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 23 Oct 2023 09:25:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

date: Mon, 23 Oct 2023 09:25:55 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTGkrnArzWQK9glEdH2CDtOlUQTEgWJpX7ZpxZqhkOPs3hginwRNv-sIwGDg_fJcCvCX0cIxPp-EN-qjhKznt6NGbYzOJ5qqg
x-download-options: noopen
vary: Accept
content-length: 273
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E6E2
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKTnjjbNOqqbE0JPku6f0Sg&google_cver=1&google_push=AXcoOmQzuAK4TUwIu...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEKTnjjbNOqqbE0JPku6f0Sg%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDcxNDU3Nzc3ODM5NDQyOTU5MA%3D%3D&google_gid=CAESEKTnjjbNOqqbE0JPku6f0Sg&google_cver=1&google_push=AXcoOmQzuAK4TUwIuCkKCXsP2XQ6-uqOSH...

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDcxNDU3Nzc3ODM5NDQyOTU5MA%3D%3D&google_gid=CAESEKTnjjbNOqqbE0JPku6f0Sg&google_cver=1&google_push=AXcoOmQzuAK4TUwIuCkKCXsP2XQ6-uqOSHLOLIKYh_G6jnVCMF1SfKmsB_Mr2_IiZGxYBO3rjXP6OWJqNjgoFO-inHxVceRdRlt0WQ

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:55 GMT
an-x-request-uuid: 88b0204b-f4a8-4be9-9e62-90071b3c802c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDcxNDU3Nzc3ODM5NDQyOTU5MA%3D%3D&google_gid=CAESEKTnjjbNOqqbE0JPku6f0Sg&google_cver=1&google_push=AXcoOmQzuAK4TUwIuCkKCXsP2XQ6-uqOSHLOLIKYh_G6jnVCMF1SfKmsB_Mr2_IiZGxYBO3rjXP6OWJqNjgoFO-inHxVceRdRlt0WQ
x-proxy-origin: 37.58.58.247; 37.58.58.247; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E6E2 0
40 B 36ms
36ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JwK3pfttx72752cjzEyvUzJiVtQGIA5SSMskhGqv6k2E1uGCHoXdeqtitEL4sB28F7Qf21ZBk

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js Show response
pagead2.googlesyndication.com/bg/ Frame 8842 37 KB
14 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js

Requested by

Host: imgsed.com
URL: https://imgsed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 487261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14604
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:04:54 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 138ms
58ms Preflight
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C57VnIjw2Ze2XFYyV9u8P5bG06ASB8P2fc57prIzbEfOOsMXfPxABIJWbyiFglZqigrAHoAHw3e70A8gBCakC0I9ASjzGsT7gAgCoAwHIA0iqBKoCT9BwcOKYqbXUTI9otDerQM6b-Hqba6TdUQFBEHTao5mzACbXrSEZG4mziwSgWbgHSmI6QlaexWOy-Ydaw6od8sQqIZYkk6i_t5mPVC4Dd27ia0tzmExxt8mPNBL-6LYKXjFsC4729moGjYUByaSqC8-0VVP14VPDpE975aXAPgHdr1UVV6jde_6eeMle-9VYNQhjz3MOZ_nEj5v9XkToAhg0Zu97MfXUzsxraumL2pdVLm0FzeIDRNtHOWiwLCoKO0KHre2Oh5rqkYkWMjZiHK8kn9D4C1qpAFfEE5_hSyX4DRMhmHSa0aBsjueXwIueHusyKPQHxViTiekz3oz3_QS3H-jh-M-qSQtW8XbBBM-6k0ugEJVrLT_nKubaH21bkKap45yVc170YMAE8tSysLkE4AQBiAWOqsu9TKAGLoAHpIjY3wGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDcjwfSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgl-aHR0cHM6Ly90b2dnby5kZS9ha3Rpb24vdmVycnVlY2t0LWlzdC1ub3JtYWwtbXdkNDY_Y2lkPTFfMDAwMjY3OCZhdWRpZW5jZT10b2dnbyZzX2t3Y2lkPUFMITk2MDkhMyE2NzQ2ODY5MzQyODIhIWltZ3NlZC5jb20hZCEhgAoDyAsB4g0TCM7dyvjsi4IDFYyK_Qcd5RgNTdgTA4gUAdAVAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=NxMmVNefTjk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNzbptLg2XLhjHvYw3V8-2dTqbLRgKEjxWuXh4zgAIM4MG0MMZfmBGmgVi65yat3p3nKOawWXsCBgB&template_id=419&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 23 Oct 2023 09:25:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/ Frame A47A 42 KB
42 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/bg.jpg

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5751d9046545c90ee312e827c87c58237176bba5752915df19dfe0c2098d2f96

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 18 Oct 2023 05:23:51 GMT
x-content-type-options: nosniff
age: 446524
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42949
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 12:02:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Oct 2024 05:23:51 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5C1B
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=C57VnIjw2Ze2XFYyV9u8P5bG06ASB8P2fc57prIzbEfOOsMXfPxABIJWbyiFglZqigrAHoAHw3e70A8gBCakC0I9ASjzGsT7gAgCoAwHIA0iqBKoCT9BwcOKYqbXUTI9otDerQM6b-Hqb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213396364513815175427%22,%22debug_reporting%22:true,%22destination%22:%22https://toggo.de%22,%22event_report_window%22:%222...

0
0

189ms
51ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213396364513815175427%22,%22debug_reporting%22:true,%22destination%22:%22https://toggo.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221050390256%22],%224%22:[%2210-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217029214989977823345%22}&andc=true

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:25:55 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13396364513815175427","debug_reporting":true,"destination":"https://toggo.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1050390256"],"4":["10-23"],"6":["true"]},"priority":"500","source_event_id":"17029214989977823345"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 23 Oct 2023 09:25:55 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 23 Oct 2023 09:25:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13396364513815175427","debug_reporting":true,"destination":"https://toggo.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1050390256"],"4":["10-23"],"6":["true"]},"priority":"500","source_event_id":"17029214989977823345"}&andc=true
access-control-allow-origin: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2527 37 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js

Requested by

Host: 7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
URL: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 487261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14604
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:04:54 GMT

GET
H3 200 gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js Show response
pagead2.googlesyndication.com/bg/ Frame A47A 37 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 487261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14604
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:04:54 GMT

GET
H3 200 bg2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/ Frame A47A 21 KB
21 KB 36ms
36ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/bg2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db55cce120a692aabb8c7e426375a43a4a4c6c39c52366ce50ce54f38e36d2d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 18 Oct 2023 05:23:52 GMT
x-content-type-options: nosniff
age: 446523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21799
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 12:02:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Oct 2024 05:23:52 GMT

GET
H3 200 bg3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/ Frame A47A 23 KB
23 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/bg3.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a7ee3d287372b759ab64be703ccd59bb27e6bb1308202393b71d2a40b29fbd0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 18 Oct 2023 05:23:52 GMT
x-content-type-options: nosniff
age: 446523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23930
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 12:02:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Oct 2024 05:23:52 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/ Frame A47A 1 KB
1 KB 16ms
16ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3272c6a6a5aaac07073aae477f1dea8a63b87b90844e43ad4bb3b483829a2805

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 18 Oct 2023 05:23:52 GMT
x-content-type-options: nosniff
age: 446523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1363
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 12:02:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Oct 2024 05:23:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
55ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310190101&jk=4402841671155951&bg=!fX6lfjHNAAbDUgby41I7ADQBe5WfOJ48yr18msbvxhZZshKtTHITJEhwKSGVcxESzeweHrShsuLJWRugGzidkonru0eoAgAAAlhSAAAAA2gBBwoAIvK4JgG7f585oiRUNp5UUe-SPxRoEsQUmE7FqrTIa6USDDGZAqbtOU-4RDlzuJ_mRzLGeQyMpPBEOZRKvM1ekgURSWsj2dox2hbSEAwl6zUwDgQ2tvL6GYodQVVXZJfQyngXXalVH-RqqLyX9A_ZCQ_hVXLM57a3uhdkZmSsyEHuResXpkfmTYqjedlrV5Z0geJmPrf4f_z4GCg1x84bBDeSodmhGokJyf0ujO2TNI5CV0Ls7cSgU24QiwT_3fH0Vhj1eiZgxIz6gcl45JYnD4I9Sq0r2m_8Tf0rDONEGgoO2Cn3edGAUiSDIaBwzxa_XwVm-na3Lg9E0DRLx_rTIwFFmUZTva-l_aJVCUFVxXWE1SQL_gQdRZ_6BvqpungABzomQ7JJ-sWlSxTlxrqfVTqQoZtOwDFI48LjQAzC9VgSJMnVVRwI4hfc_FgIZY2MNrcO2xr7WGh8NXjXbPJ-vEZrcWFa0UqOSrw1yDu8xlPI5h-whwnusF-Uf-XXC0TXLuwFQHxb1iFMpMo2E27xTlBNQXRCp8TgRMb1J2MBWJzoByFVQ7ZBjHNrHELt1xr8noqFO5Qr18ZzVNZNBu37k2JC3SmP_2CuTL9ckGlmdeqz7oAbNyDZyJPmkupoWqIjOFWkacchAWWU9JS-3FinGualTurdM0Vd3b3UHdd5R381k_Ous8Q6L23Pxoh1ei3ljFkAIyE7vjjFnqNbdO_S1zlmwd8A_7XYRxEuy9u71hfcLaKIpSNlCUMSt7uCy6L2Ktk9C4IFsLniSww2eVt5k2g3Xm9qENBDSRYaUUIvNDGgjZoruKh8mEdsOVuFSdNF5F1rXi3QCDE5OYJHG7oQ2SGXCK7LjG4WK5l0EmFXoaA5nt3mJjxhWPUATLsYsQX3hyWwwBItjwaMT1laSWng52ELO43aQroUKxoi5ht3bFoC5ixv9Tf-6yBMacw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 116ms
59ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 23 Oct 2023 09:25:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 toggo_button.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/ Frame A47A 1 KB
1 KB 20ms
20ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/toggo_button.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

990b1da5ec0edecbd40fc1b0b6c58d0fb8489fa25de3ed209780ac0cfb543da9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 18 Oct 2023 05:23:52 GMT
x-content-type-options: nosniff
age: 446523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1474
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 12:02:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Oct 2024 05:23:52 GMT

GET
H3 200 txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/ Frame A47A 3 KB
3 KB 15ms
15ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/txt1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7b3123f9ee3a53b96d265130b3a7e66bbf4ce7c606465a6f5cf8b14e03dc902

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 18 Oct 2023 05:23:52 GMT
x-content-type-options: nosniff
age: 446523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3456
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 12:02:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Oct 2024 05:23:52 GMT

GET
H3 200 txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/ Frame A47A 2 KB
2 KB 16ms
15ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/txt2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a3620be62cce16a39a17597d9098876299a74e4e3f4902bc4814ad9edc84939

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 18 Oct 2023 05:23:52 GMT
x-content-type-options: nosniff
age: 446523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2052
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 12:02:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Oct 2024 05:23:52 GMT

GET
H3 200 txt3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/ Frame A47A 2 KB
2 KB 16ms
16ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/images/txt3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78018a12fd365a199016366dbc57a8bc5e700ad71e71ac6b7f89f9e03d0e0ce6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5151766327875504782/728x90_TOGGO_Imagekp_Q4_2023_Kinder_M03/toggo_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 18 Oct 2023 05:23:52 GMT
x-content-type-options: nosniff
age: 446523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1669
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 12:02:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Oct 2024 05:23:52 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D16A 42 B
64 B 66ms
65ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOHfpQGWvHUiL_XomxsvFuIB8RFueeYz0rqdS1k3x412D6XZ-cSSxK_Y-AlFdOLLALx5Q7xped-2SOQeodZxG7bVzOWJJ5S4YXSNwm8UvZ-pJJ-o7kQiWfrg2_wlsR51IXe6mptA83LP66&sai=AMfl-YRVnaZCon0fo72umOql4ayOqPzQvCBjSqIcYzkWFNks1Ts5vvflQi5Un9lF3s5bS_HY7bs5Mqj2BAw_0PW2d5TvBpxnyhmTy2164Rbn9S2K3jFZJOLsdGHa6xE&sig=Cg0ArKJSzH_KRMCnnnuWEAE&cid=CAQSOwDICaaNDEXC0N_lgF_SlHU1FiHdF2jbfOywmoY5JG6h52xXBzQRskvtdQtOpm58r0tyz-CboEx2QIsCGAE&id=ampim&o=560,298&d=480,320&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=418&tls=1418&g=100&h=100&tt=1419&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C1B 42 B
174 B 60ms
59ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvx87AhJrV3utTtjjQ-3SlKiUD5NeMSdv0h_FHEswDcISh49RZKc_kxwzfXppuojt3kMZr0aJ9hSPDwPIDIKSgTNidl8yJ7_NfrQiMNMEUnQHN8oQd33fnKcaZe8ZgEd55uP9zL__mol0khq1RswYAf5G64TWC6hTrQBfX9OUKUwyYv-GrAyhgYfbB8KOS4lby-4KZJLDrj1RH3N5rsNRMZGMCWtDLILPq5aEtqT9AD6GTuLzWhjglT9fSkhsxIt7LuXlK3Kl2u1sXcZIjy2fhj3RaBdxsVt8jXC4zZqULEj2RybTgfnDnhQRsz7gu7NiBQpz_st0kE7uLGgtlm9-cYdmU6DeyZBTRD0ftAoxm70Ae36WDhXKRbVNMIbVRu5dtS2I2lu8pOk_96OBiY4yC_LHhl0SJK28399YnF9xaeXMO1c2sAz_2rCs-1ogAaHn9KpA78hJj-wJNpEny4Wn-ct7WnZWz7JkuKP2F0GB6H817tdX-Hpfgi-Zt00SoSf5VwiK40GxNfw-RTH4rs0lwQKhGOYmhIAiiPeUPbRgiX_562F5l-ALv3fTRoJuCnM2ukpoOiksdt0AVb954ZtSD8rBhyAb32a6xFLdlf0lrZ-00TieW_4pcXBhfa-VgfaZr-6ajMsB5U0w-JGnhjXbx0iKGzxs0aqGJaMEkbJ9wrlqSSdQ0fmvq5nvYmCfxxFZWBNv3msxgvAsQKFCrb-WDouGeShqtSzCvaWZ-7fY1EpM3ZbHT8n-Htipb4jnUsxIlrXvbjD64OjdZmGFUHI6q5vsOFpMaRtdhgPqdoqeIdXzRuJLuKwZvJ1KwKC6Zb8ptmSleDEaSI7A78rOK455qn4lFGFxzkkm8aq71xk2zDtDX4npVNtmdbURK6uz1p34GjHki8T0cKj_J8XRdcPZ22yahyE9yfz53MBZfSg_DtLG3fFO-kETuBneuIZA2lM2b0CBS6dfhXpqHrIVrfGm1VRQoZyratvsxTibHxzrNxZDfVTij6NRGzmixCI-YMgjQNKWei5tDfmsLjqF6PoqFimplFaJ_MdQZMHnYBZIcbZDd_ng7WUgXoP7QTAYcZF-1MQhQrWQ1e5OQ0E00SsV2fuxrDu2IKZXG-OUntjKwDkwlsBARYHhei-OD_pWC_AzL47Z187JI0Hw0ypfbRw8pCzbf9s4Sq_-rkFV3FVk6KkHlm6OxDYos56T6zXd-UVd5QunheMwAMJcckhc7uUj9Lft3eiSUYz83FZSZnzrOHcbEiujOXdoCvQuOp0ROU9IV_qhwpNz3sgsvkMOunzzR0qIWbGfwXc0652dSroXarWghxlbWK-k_wG_sRv3ASz_dw-UtsurIK0tXYSj6Qzj9v8o0hEiLeHBZVJ8B94bFGNB3TVQlNBVKUlAUZ6WbvPeAvdLzgmkABElJYGwhS2nldCbi8SDYLxVDBWm0&sai=AMfl-YS2vCXRQ389v5bY0eFSceNbH8B2zP-igoAsDc-RI_5a3ADifLnQh7vcRz2QUZL53CC7rTrMTUFiso_GnELALRXZd7IH7MUFQ8lVmfkUJhqfPLyAJCVuPU7c14dYXiRQjSuGfI_YyaSs5Q&sig=Cg0ArKJSzMnO7vWhlBUOEAE&cid=CAQSPADICaaNzbptLg2XLhjHvYw3V8-2dTqbLRgKEjxWuXh4zgAIM4MG0MMZfmBGmgVi65yat3p3nKOawWXsCBgB&id=lidar2&mcvt=1005&p=1110,436,1200,1164&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=806473613&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698053154884&rpt=272&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GC2VPDBYKB&gtm=45je3ai0&_p=1144489870&cid=2036576179.1698053153&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1698053153&sct=1&seg=0&dl=https%3A%2F%2Fimgsed.com%2F&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20imgsed.com&en=scroll&epn.percent_scrolled=90&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GC2VPDBYKB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgsed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 09:25:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imgsed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCkLqVmCSucE_X-PCkkdJdrROax9OYqGYZooo4g8-NIvCGc5hfzN_tRWrvHUuvy1DOYhxRHGv6gK8oE_4Q32EjN0fSmlEcTj3G5d69jR-YTiqT3GdPQH8Favieo1AzsmxQ7mDxvqZiUYifq9UsRtnS1vTriov0UuqT_K190RavVpyWoetdWy-_oWsQr2MRKUapCc-lHeypAd8UZC4DnN7I5pchD4z2lOdMzTD-3V3yKSj85dUwPBM9r_BMxBXSg9lTyia1gJh-lOwNqAC-2_X5v8YXzbbSnhCz5oxkKsk4AIeaufi6zw1oK_ozEdVcHDusnk3FSyNPkX9ddJayXbclCWDjBulyeJoGOPtgoUxv7CKTCE5bAFoCnWeyEM-4SA4vFs1nmWv56k9LfPoPDlIXHuSliH7OplsXGCCrqw&sai=AMfl-YTlYw00hlu6BL6FtMxYDtIlHEAywyP7ViUyVl3t3YYQ711U0jUdS-tpKgXQJpSIr7fxh1q4RClhvNJFbNYsWkoOXr8HesP-1Iv7naepJow1sOfivS3O_Zw-DQef7NUC69gXi7CAcsAyXdWiwjQ&sig=Cg0ArKJSzPJ-n07Bs6tEEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuajxZyEAnAZM0I1LoTgMHwj0DcJN_exIXVNxafU1tnBYWJSp7W6JDRtXiY2sBLbXqPhT-Q4P9LPSBmiM7-xWAS9p4MQpFj4ZRemCa_4l6Bo5GDeZDWX-dArN4VpGsHH_-g0RSz_6bfMVDLS2reOAaem3eMXJQxu3qBwDDO05TP8Vipe4Pigi10MlXOt1vA7ymHjSKloaT-EcvQYwcZ64RdxvQ1NqwJ8kS2xKSJXa6zzb6823st29IiQZ5fNmc558pJbk3MLiwHZJfW4RER_7gwL-DlFx7o1U3CSZ2u5HHFFPGsZRNSm1ELEP31z7r0rPa_rr5vCcNON51oaH4atSzT1iFmT5G4Qkc_P9WYZiob2z7RsGp9AZWrQtkLYysrY-QAH59pgXSeX1Qtz2SZ3C1ZThUdrWcgVZ8yPJFn&sai=AMfl-YQb0lSYq9aEg34-G7gwh7UKQciDLP0zsl3prJx0DA5hQz_wwYV7T1ZJInun-eJJ3MTx6TQ_a9BCiNOdxncPz0TqEzZnoYPGydzA8mWD7daLvNuS9boU5MFSwUJac7C4zJ47QU8yoFF53EoswtQi&sig=Cg0ArKJSzCp_Ks96Zn0JEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imgsed.com/	1970-01-21 01:16:53	Name: _ga Value: GA1.1.2036576179.1698053153
.imgsed.com/	1970-01-21 01:16:53	Name: _ga_GC2VPDBYKB Value: GS1.1.1698053153.1.0.1698053153.0.0.0
live.demand.supply/	1970-01-21 01:16:53	Name: demandSupplyTi Value: 85b91bfd-8e8a-491d-b700-77639cf1231c
.demand.supply/	1970-01-20 15:40:54	Name: __cf_bm Value: xRhITsX4BWljHaagPI1BWez_PxbSzTyfKZW29iqLAls-1698053153-0-AVGaKlWEUa742cYTkX7xKzxQkWYaVsZlDRk05uaADwyGg7KPg+2EA6nU4j3vdfjZi0YXeJmLyxX3rb6SWuxfgk4=
.criteo.com/	1970-01-21 01:02:29	Name: uid Value: d71254d6-d6cb-44c7-8fab-6aebbd6514ef
.imgsed.com/	1970-01-21 00:26:29	Name: connectId Value: {"ttl":86400000,"lastUsed":1698053153908,"lastSynced":1698053153908}
.imgsed.com/	1970-01-21 01:02:29	Name: cto_bundle Value: rjrD3l85MzE1JTJGazljbEREVkg1akElMkZ1cE8ya3JiRnpub3I2dVZ2cHFUcjBqWGtrd1N4WkRQeW5senl1SGgyTyUyRlFxbkFESzNIMEtYSHdKSFRuWnJObDUlMkIlMkY4OWtZM1NkZ0Y4bmpQNFdOZnFUazd2WVVkaFhyMHo3Tld0RWl4dkQ4T1hQekdrYWpsbGxmaXpYaVFmMDRmZDRNTE1RJTNEJTNE
.openx.net/	1970-01-21 00:26:29	Name: i Value: cec9c823-18f1-43b0-9831-aa8c272e12e3\|1698053153
.imgsed.com/	1970-01-21 01:02:29	Name: __gads Value: ID=ecda95a946f9b41b:T=1698053153:RT=1698053153:S=ALNI_MZzsFJWRFBJI-oL83d9hRjQvmlz-A
.imgsed.com/	1970-01-21 01:02:29	Name: __gpi Value: UID=00000ca04436f496:T=1698053153:RT=1698053153:S=ALNI_MYUZnraMhxWBfo4Mk5snlOQ57VOLg
.doubleclick.net/	1970-01-21 01:02:29	Name: IDE Value: AHWqTUkndxw5GunYIn6u8HYMm_oERKgiNifSdvL-FIrVhwFufrEdvR6LFmbCXHrdfP4
.doubleclick.net/	1970-01-20 15:40:56	Name: DSID Value: NO_DATA
.1rx.io/	1970-01-21 00:26:29	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b4506754-1098-4c51-805d-880009c005e7-003%22%7D
.adform.net/	1970-01-20 16:25:31	Name: C Value: 1
.targeting.unrulymedia.com/	1970-01-21 00:26:29	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b4506754-1098-4c51-805d-880009c005e7-003%22%7D
.adform.net/	1970-01-20 17:07:17	Name: uid Value: 1259879376329777915
.linkedin.com/	1970-01-21 00:26:29	Name: bcookie Value: "v=2&6d3b0807-ce11-4ebd-876d-7a6f3651b4b8"
.linkedin.com/	1970-01-20 20:00:05	Name: li_gc Value: MTswOzE2OTgwNTMxNTU7MjswMjGg70Dc3ZWB60iM9jOCjInfuHaWnxelAisn8UgSJipJVg==
.linkedin.com/	1970-01-20 15:42:19	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2697:u=1:x=1:i=1698053155:t=1698139555:v=2:sig=AQHo-RESh07a8BKUgpokWC8deE6sxwTd"
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86108\|ZTY8J
.adnxs.com/	1970-01-20 17:50:29	Name: uuid2 Value: 4714577778394429590
.pubmatic.com/	1970-01-20 15:42:19	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-21 00:26:29	Name: KADUSERCOOKIE Value: 19ADCCB6-EDC6-481E-A505-A30A8E80847F
.yahoo.com/	1970-01-21 00:26:50	Name: A3 Value: d=AQABBCM8NmUCECrov1GVcVJWSa_Wa9XiwXQFEgEBAQGNN2VAZQAAAAAA_eMAAA&S=AQAAAmAF1fs5cBoOlpmY2oU4KjY
.zemanta.com/	1970-01-21 00:26:29	Name: zuid Value: GIIxpiFv-UrAY_nlwkSW
fksnk.com/	1970-01-20 15:50:57	Name: AWSALBCORS Value: dcoCoiq8Bcs3qdvHLg6bN7LDx557g5coG8RTrwCaXaKs6Tp3rRPE7hqyPG91BxY3HgUPnEe8aYX2/dpBIO994E5+EjDTvJDeUAsi6pT+rRh9q80l3t8dd/m09iAz
.fksnk.com/	1970-01-20 17:50:29	Name: f_001 Value: 1D56C8792A2FC447
.fksnk.com/	1970-01-20 15:42:19	Name: g_001 Value: 1
.tribalfusion.com/	1970-01-20 17:50:29	Name: ANON_ID Value: akntuJtlix98qyTAZaRq6ebIa2ZawDJ3AeAjwZaB7WoJSQEj6ZaCIHybYfuAWmhwGqZar6y6hoETyycTrtZayFK8nZbygUA
.googleadservices.com/	1970-01-20 17:50:29	Name: ar_debug Value: 1
.adsby.bidtheatre.com/	1970-01-20 15:50:57	Name: __kuid Value: bcfc9304-7d11-45d0-8ebb-4eb4b1ad6c97.467267156

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7a4b7f1f5a1263e8dde4c607b5369018.safeframe.googlesyndication.com
a.tribalfusion.com
ajax.googleapis.com
b1sync.zemanta.com
bcp.crwdcntrl.net
c1.adform.net
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
connectid.analytics.yahoo.com
fksnk.com
fonts.googleapis.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
image6.pubmatic.com
imgsed.com
invstatic101.creativecdn.com
live.demand.supply
match.adsby.bidtheatre.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
region1.google-analytics.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
s1.imgsed.com
secure.adnxs.com
securepubads.g.doubleclick.net
static.criteo.net
sync.1rx.io
sync.go.sonobi.com
sync.inmobi.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
securepubads.g.doubleclick.net
www.googletagservices.com
104.18.35.167
141.95.98.64
142.250.186.130
142.250.186.34
185.64.190.78
185.89.210.212
188.166.17.21
20.127.253.7
2001:4860:4802:34::36
2600:9000:223c:b400:10:dd8:5e40:93a1
2600:9000:2250:e000:a:e047:753:6381
2606:4700:10::ac43:266a
2606:4700:20::681a:a84
2606:4700:20::ac43:4970
2606:4700::6810:5714
2606:4700::6810:8616
2606:4700::6812:19ad
2620:1ec:22::14
2a00:1450:4001:801::200a
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:830::200a
2a02:2638:3::3
2a02:2638:3::c
2a05:d018:d29:3601:b2c6:d996:450e:d342
3.75.62.37
34.102.146.192
34.120.135.53
34.96.70.87
34.98.64.218
35.227.252.103
37.157.2.228
46.228.174.117
52.2.38.181
52.48.43.143
65.9.66.68
69.166.1.67
70.42.32.159
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
06ad5e00e1d76caca9003eb34ffd42e84503751ccc57e1faac2b75eff537ec5c
06c8432058aae2047bf8e033cf675c25cbc7f476af9d719b0ff19962237b523f
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0814ceb83311ca54fa848a9a31915d46a05013536d38aa50abebb7cf223edf57
0a7ee3d287372b759ab64be703ccd59bb27e6bb1308202393b71d2a40b29fbd0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db55cce120a692aabb8c7e426375a43a4a4c6c39c52366ce50ce54f38e36d2d
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
1237c882a38059a513cc0c95d0bb8a0063d67d277e1f06d468cac52997cf5159
1238d5a02bc822bd680fd7d2d0fa4fbdf3d7443423982fb2b5f56fa37a51170d
13deeb1d584e1c2d3c1e3cc383c786ba94c9451f96523c68cece52973e359b40
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a3d588c4db4d100f0dc0d963d665edcf48f7e37ef09f06f636f86c1bb4eed56
1c208516b99fc74db1a33a95458e1b6b2d2733ef6763f9982f9c9b35681c3031
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
22c15261262c5e2f2a66b8f7569c0dd504f21a19e0c7c98a5144c2278c72c666
2319ebe543b8bf097ab4775e9f09810431df08f76bed879aa5a30948f9aa83d5
254ed2440d3fe989e8e3e2f2a892760cd72ec637fffa6a2955e2c95895c0feef
2742b4678cbe6514356bf3709ac6ccf8592ae04082d8f1bc4c2be5897cad1013
2942d68833d12cef344d33372d07bcd4c0c4158cec250cbc118f1517cf9cfcfa
2a3620be62cce16a39a17597d9098876299a74e4e3f4902bc4814ad9edc84939
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3272c6a6a5aaac07073aae477f1dea8a63b87b90844e43ad4bb3b483829a2805
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3a72ad910926c1b0b3c2e4dc626acfcc072a73c952d57720805b568b570b5506
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
4a766ef9c7ab716c773e4d54b22c695de624e4c2d9ae1f3ea813fbc388680c92
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d4dc02a22934f04188b6c636c4658117fb11445e2de7e22e93f66229f00690e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5751d9046545c90ee312e827c87c58237176bba5752915df19dfe0c2098d2f96
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
632eb24dd7829ee00477cf17df51b7edf55b1cda72e35a7e379d74fb6fc22984
6c60c296b3472130b7ace33547b38bc4f2107658891ad3fa6d39b181eab916cc
6cd902fd8f4f98a895c83234de57cce57aca9397c65c7f8dd267411056a1058d
6cde987f5337e880f4aa9520d7b3c341e91b0259a19008371fb4635554538c24
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
75ecaae151c5e3aeb1067dc5b4f22984e935e14512f22e2d72bd2ec7863c4a51
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
78018a12fd365a199016366dbc57a8bc5e700ad71e71ac6b7f89f9e03d0e0ce6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
9520ab24cf8816d89cb263b472d2a986c30d42850d092d568ede49c692e867a4
9552e29bf8bf3d8a139038ee3942e2171e7991b59219a96bf56cd07def6d9c91
98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb
990b1da5ec0edecbd40fc1b0b6c58d0fb8489fa25de3ed209780ac0cfb543da9
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a7eeeb8d2863980375bd8e690639e5d3826305376ac7aa3988c65778b860852
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3e8b70a03b7a556d13790626e177655d2246879f94742dcd6a2c3ced4c7a937
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
ae2c787218aacea4481c61990ecb4bfae42a0dbef1d302760d00e6935c134ad8
ae3ce16231e6b4c71c520c58cc1328c4c9eee058096415cccec79010b7979758
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b06b29b115ed854d6852bcfb728ce679e9c8347bb34be7f633605847844b5d79
b7ba4c533cd86f18ad26a68304d31fb59592fc6315d4f2518361ca40d7594cae
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bfea5e5db4c526a9c86debd0154807b4eaddf36281a55cb3f622e441e5054dc1
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
cc5eb56d0487ad956ef9dccb9620c28b8cf1d34e56873371a333bbbb3cc4c547
cd4a1efeb43f21e344b7d4701672ecb92081eaec6dc7179a2929ad187733c73d
ce0361a97adae1b4e2cd0ba1b2ee98f3dd7bc5c9b5b1331c7859a4d64fde9dc5
d21ceb851783799cb96a8875271866118c846e43e44567a2aee4d8a8b3a5ae68
d5cbb541bfd8b131b5896efb0d0f238fd722753ae36b2920df7eedf60e793f24
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d7b3123f9ee3a53b96d265130b3a7e66bbf4ce7c606465a6f5cf8b14e03dc902
e34104800b8b7644a2d64c2816157a532e0be6adf06925aa572afdeab8992fe2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

imgsed.com Open in urlscan Pro 2606:4700:20::ac43:4970 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

86 %HTTPS

55 %IPv6

36 Domains

50 Subdomains

37 IPs

8 Countries

1238 kBTransfer

3421 kBSize

31 Cookies

1 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

imgsed.com Open in urlscan Pro
2606:4700:20::ac43:4970 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

86 %
HTTPS

55 %
IPv6

36
Domains

50
Subdomains

37
IPs

8
Countries

1238 kB
Transfer

3421 kB
Size

31
Cookies

140 HTTP transactions
4 data transactions